German intelligence is investigating a cyberattack on the German Association for East European Studies (DGO), allegedly linked to the Russian hacker group APT 29. The attack, which targeted email communications, follows previous breaches and is part of a broader trend of Russian cyberattacks on German institutions.

German intelligence officials announced on Tuesday that they are investigating a cyberattack targeting the German Association for East European Studies (DGO), an organization known for its focus on foreign policy and international relations. The DGO is one of several German research institutions that the Russian government has labeled as "undesirable."

Germany’s Federal Office for Information Security (BSI) and the Federal Office for the Protection of the Constitution (BfV) are reportedly collaborating on the investigation into the breach. The widely read German newspaper Bild reported that the cyberattack has been linked to the hacker group APT 29, also known by the alias “Cozy Bear.” This group, allegedly connected to the Kremlin, is also believed to be behind recent malware attacks on multiple German political parties.

The DGO publicly acknowledged the incident at the end of March, stating that the attackers had succeeded in accessing their email communications. Suspicion was raised when experts observed repeated attempts to access the organization’s mail server from an IP address that had also been involved in a similar attack the previous year.

A DGO spokesman stated that, in addition to cyberattacks, some German institutions labeled as undesirable in Russia have faced stalking of employees and physical break-ins at their Berlin headquarters. The DGO has increased its computer security since last year’s attack, but the spokesman acknowledged that defending against sophisticated breaches is difficult for smaller organizations. German security authorities recently sent warning letters regarding Russian cyberattacks to approximately 70 academic institutions.