Hundreds of German politicians, including Chancellor Angela Merkel, have had personal details stolen and published online.

Contacts, private chats and financial details were put out on Twitter that belong to figures from every political party except the far-right AfD.

Data from celebrities and journalists were also leaked. It is unclear who was behind the attack, which emerged on Twitter in the style of an advent calendar last month.

The true extent of damage caused by the leak is not yet known although Justice Minister Katarina Barley said it was a “serious attack”. “The people behind this want to damage confidence in our democracy and institutions,” she said.

A government spokeswoman said no sensitive data from the chancellor’s office had been published. MPs, Euro MPs and MPs from state parliaments were affected, said Martina Fietz. She said the government was not yet certain that the data had been stolen by cyber-hackers. Some reports suggested a lone leaker may have had access to sensitive data through their work.

A cyber analyst said there was speculation that hackers may have exploited weaknesses in email software to get hold of passwords that those targeted had also used on social media accounts.

Germany’s federal office for information security (BSI) said government networks were not affected, as far as it was aware.

Although nothing politically explosive is known to have been leaked, the sheer volume of personal data involved suggests the consequences could be considerable, says RBB reporter Michael Götschenberg, who researched the attack. The now-suspended Twitter account, identified by German media as @_0rbit, was followed by more than 17,000 people and appeared to be operated from Hamburg.

Although documents had been posted on the account from 1 December to 28 December, it was not until Thursday evening that officials became aware of the theft.

Bild newspaper said all the data stolen in the attack dated back to before October 2018 but it was not clear when it began.