Bundestag to switch from Signal to Wire after phishing attack on senior officials
Bundestag to switch from Signal to Wire after phishing attacks on senior officials; presidium cites months of talks with Wire and suspected Russian involvement.
The presidium of the German Bundestag has moved to accelerate a migration of parliamentary communications from the encrypted messenger Signal to the European alternative Wire. Bundestag Vice-President Andrea Lindholz said the parliament has been in discussions with Wire for months, and the issue gained fresh urgency after a recent phishing operation targeted several senior lawmakers. Authorities believe the incident was carried out with backing from Russian actors, prompting renewed concern about the security of internal messaging.
Presidium formalizes push toward Wire
The Bundestag presidium is now actively promoting an institutional switch away from Signal and toward Wire as its preferred messaging platform. Officials told lawmakers the step is intended to centralize and harden parliamentary communications under a provider they consider subject to European data and oversight standards.
Members of the presidium have held repeated talks with Wire representatives over the past months, according to a senior parliamentary official. Those conversations focused on deployment logistics, account management, and security assurances that the presidium says will better protect MPs and staff from targeted social-engineering campaigns.
Phishing campaign exposed targeted accounts
Last week the Bundestag confirmed that a phishing campaign had succeeded in compromising accounts of several high-profile officials. Among those reportedly affected were the Bundestag president and senior ministers, whose messages and contact lists may have been exposed through manipulated Signal sessions.
Parliamentary security teams moved quickly to assess the extent of the intrusion and to isolate impacted accounts, but the episode highlighted vulnerabilities in how individual devices and apps were being used for official business. The incident has become a catalyst for broader safeguards and stricter controls over messaging tools used across parliamentary offices.
Officials named among victims of attack
The attack reportedly targeted Bundestag President Julia Klöckner, Family Minister Karin Prien, and Construction Minister Verena Hubertz, all of whom have senior roles in government and party leadership. The targeting of multiple high-level figures raised alarm inside the Bundestag about the potential for laterality in the breach and the value of compromised contacts.
Security officials are examining whether the phishing operation exploited device-level weaknesses, stolen credentials, or deceptive links shared through Signal group conversations. Investigators are also working to map the timeline of the intrusion and to identify any secondary accounts or staffers who may have been affected.
Authorities point to suspected Russian involvement
German authorities investigating the phishing campaign have said they believe Russian actors are behind the operation, describing the activity as consistent with intelligence-style targeting. Security services cited patterns and technical indicators that, in their assessment, point to state-linked cyber activity rather than opportunistic criminal fraud.
Lawmakers and cybersecurity officials have treated the attribution as significant because it reframes the incident as a targeted campaign aimed at gathering political intelligence rather than a generic phishing scam. That assessment has reinforced calls within the Bundestag to adopt a messaging platform with governance aligned to European law and oversight mechanisms.
Wire presented as European alternative with governance appeals
Wire is being presented to the Bundestag as an attractive alternative because it is marketed as a European-built platform that offers end-to-end encryption while operating under regional data protection frameworks. Presidium members say the platform’s governance model and European ties make it a better fit for institutional use in a national parliament.
The discussions with Wire have reportedly centered on enterprise-level controls, centralized account provisioning, and administrative features that would allow parliamentary IT to enforce security policies across devices. Those capabilities are viewed as essential to reducing the risk that individuals’ accounts can be abused to access broader networks of official contacts and communications.
Parliament plans phased migration and security review
Parliamentary administrators say any migration will be phased and accompanied by device audits, user training, and stricter rules for official messaging. The presidium has emphasized that switching platforms is only one part of a wider effort to modernize protections for MPs, staff, and sensitive communications.
IT teams are preparing roll-out plans that include mandatory configuration profiles, two-factor authentication, and monitored account provisioning to reduce the risk of future compromises. Lawmakers will be briefed on timelines and obligations before any compulsory switch, and transitional support will be provided for offices managing a large volume of communication.
The events have prompted renewed debate about the balance between secure encryption for private messages and the need for institutional oversight when communications cross into official business. Parliamentary leaders say they intend to combine stronger technical controls with clear rules on acceptable use to prevent a recurrence.
The presidium’s move marks a notable institutional response to a targeted cyber operation that touched the highest levels of German politics, and it underscores a broader trend in which governments seek European-based digital services for sensitive workflows. The Bundestag’s planned migration to Wire will be watched closely by other public bodies weighing whether to replace global messaging apps with platforms they say offer tighter governance and stronger alignment with national security priorities.
