In Germany researcher Lilith Wittmann found vulnerabilities in a campaignig app used by the CDU the largest conservative party. She reported them to the developers of the app.
Now she has received a letter by law enforcement informing her on an ongoing investigation in which she is named as defendant. The CDU has filed a criminal complaint. They think Lilith has hacked their app. This is the state of digitalisation in Germany. 🤦🤦♂️🤦♀️
https://www.ccc.de/de/updates/2021/ccc-meldet-keine-sicherheitslucken-mehr-an-cdu
@datenteiler They already started to backpedal. According to Stefan Hennewig the Bundesgeschäftsführer (parliamentary director?) of the CDU on twitter there was an unknown third party using the same vulnerabilities to gain access to personal data from the app and publish it online. They claim that involving Lilith Wittmann in that investigation was just an unfortunate misunderstanding.
Lamest excuse I heard in a long time.
At least they backpedal - in the US they occasionally involve DMCA
