It announced a press conference at midday to give further details on the probe into the remarkable breach of cybersecurity, which has piled political pressure on the government.
The information, which comprised home addresses, mobile phone numbers, letters, invoices and copies of identity documents, was first released via Twitter in December but its spread gathered pace last week.
Among the estimated 1,000 people affected were members of the Bundestag lower house of parliament and the European Parliament as well as regional and local assemblies.
Deputies from all parties represented in the Bundestag were targeted with the exception of the far-right Alternative for Germany (AfD), the largest opposition group in parliament.
Although the leak was sweeping, there is no evidence that sensitive information reached the public, investigators and the interior ministry have said.
The case has nevertheless been deeply embarrassing for the political class, and increased pressure on the unpopular interior minister, Horst Seehofer.
Beyond politicians, the leak also exposed the private data of celebrities and journalists, including chats and voicemail messages from spouses and children of those targeted.
The information derived both from social media and private “cloud” data.
The Twitter account @_0rbit published the links every day last month, along the lines of an advent calendar with each link to new information hidden behind a “door”.
The account, which calls itself G0d and has now been suspended by Twitter, was opened in mid-2017 and purportedly has more than 18,000 followers.
It described its activities as “security researching”, “artist” and “satire and irony” and said it was based in Hamburg.