The BND foreign intelligence service has long tapped international data flows through the De-Cix exchange based in the German city of Frankfurt. But the operator argues the agency is breaking the law by also capturing German domestic communications.

"We have grave doubts about the legality of the current practice," said a statement Wednesday on the website of De-Cix Management GmbH, which is owned by European internet industry body the eco association. "We consider ourselves under obligation to our customers to work towards a situation in which strategic surveillance of their telecommunications only takes place in a legal manner." 

A German regulator has banned the sale of smartwatches aimed at children, describing them as spying devices. It had previously banned an internet-connected doll called, My Friend Cayla, for similar reasons.

Telecoms regulator the Federal Network Agency urged parents who had such watches to destroy them. One expert said the decision could be a "game-changer" for internet-connected devices. "Poorly secured smart devices often allow for privacy invasion. That is really concerning when it comes to kids' GPS tracking watches - the very watches that are supposed to help keep them safe," said Ken Munro, a security expert at Pen Test Partners.

Germany’s telecommunications watchdog has ordered parents to destroy or disable a “smart doll” because the toy can be used to illegally spy on children. The My Friend Cayla doll allows children to access the internet via speech recognition software, and to control the toy via an app.

But Germany’s Federal Network Agency announced that it classified Cayla as an “illegal espionage apparatus”. As a result, retailers and owners could face fines if they continue to stock it or fail to permanently disable the doll’s wireless connection. Under German law it is illegal to manufacture, sell or possess surveillance devices disguised as another object.

Technical trade secrets were stolen from the steel production and manufacturing plant design divisions of ThyssenKrupp AG in cyber attacks earlier this year, the German company said.

ThyssenKrupp, one of the world's largest steel makers, said it had been targeted by attackers located in southeast Asia engaged in what it said were "organized, highly professional hacker activities". In breaches discovered by the company's internal security team in April and traced back to February, hackers stole project data from ThyssenKrupp's plant engineering division and from other areas yet to be determined.

Hundreds of thousands of Deutsche Telekom customers in Germany were hit on Sunday by network outages and a company executive blamed the disruptions on a failed hacking attempt to hijack consumer router devices for a wider internet attack.

Deutsche Telekom said as many as 900,000, or about 4.5 percent of its 20 million fixed-line customers, suffered internet outages starting on Sunday and continuing into Monday, when the number of affected users began to decline sharply. Deutsche Telekom's head of IT Security told that the outages appeared to be tied to a botched attempt to turn a sizeable number of customers' routers into a part of the Mirai botnet.

The Bundeswehr's special cyber unit is believed to have conducted the nation's first known "offensive" cyber operation in 2015, when it hacked into the network of an Afghan mobile network provider.

The secretive cyber operation, which is yet to be officially acknowledged, was reportedly conducted in efforts to uncover the location of a kidnapped aid worker. According to unspecified sources, the Bundeswehr's Computer Network Operations Unit carried out the hack after a German national identified as Kaethe B, working for the German Association for International Cooperation was kidnapped in Kabul on 17 August, 2015. 

The German data protection agency has ordered Facebook to stop collecting user data from its WhatsApp messenger app and delete any data it has already received.

The social network announced in August that it would begin sharing data from its 1 billion-plus user base, including phone numbers, from WhatsApp users with Facebook for the purpose of targeted ads. It gave users the option of opting out of the data being used for advertising purposes, but did not allow them to opt out of the data sharing between WhatsApp and Facebook.

Avoiding Credit Card Fraud is simply easy as long as you use cash. But, what if you even get hacked while withdrawing cash from an ATM? If you are living in Germany or traveling there, then think twice before using your payment cards in the ATMs.

A Security researcher has managed to hack ATM and self-service terminal from Sparkasse Bank that allowed him to reveal the sensitive details from the payment card inserted into the machine. CEO of Germany-based security firm Vulnerability Lab, discovered a vulnerability while using a Sparkasse terminal that suddenly ejected his card, and changed status to "temporarily not available."

German Chancellor Angela Merkel may not be the only high-ranking leader from that country to be spied on by the National Security Agency.

German authorities are investigating whether the head of the German Federal Chancellery unit had his laptop infected with Regin, a highly sophisticated suite of malware programs that has been linked to the NSA and its British counterpart, the Government Communications Headquarters. Regin is among the most advanced pieces of malware ever discovered, with dozens of modules that can be used to customize attacks on targets in the telecommunications, hospitality, energy, airline, and research industries.

In order to obtain a copy of the NSA's main XKeyscore software, whose existence was first revealed by Edward Snowden in 2013, Germany's domestic intelligence agency agreed to hand over metadata of German citizens it spies on.

After 18 months of negotiations, the US and Germany signed an agreement in April 2013 that would allow the Federal Office for the Protection of the Constitution to obtain a copy of the NSA's most important program and to adopt it for the analysis of data gathered in Germany. This was a lower level of access compared to the non-US "Five Eyes" nations which had direct access to the main XKeyscore system.