Microsoft said on Friday that an Iranian nation-state group already sanctioned by the US government was behind an attack last month that targeted the satirical French magazine Charlie Hebdo and thousands of its readers.
The attack came to light on January 4, when a previously unknown group calling itself Holy Souls took to the Internet to claim it had obtained a Charlie Hebdo database that contained personal information for 230,000 of its customers. The post said the database was available for sale at the price of 20 BTC, or roughly $340,000 at the time. The group also released a sample of the data that included the full names, telephone numbers, and home and email addresses of people who had subscribed to, or purchased merchandise from, the publication. French media confirmed the veracity of the leaked data.
The release of the sample put the customers at risk of online targeting or physical violence by extremist groups, which have retaliated against Charlie Hebdo in recent years for its satirical treatment of matters pertaining to the Muslim religion and Islamic countries such as Iran. The retaliation included the 2015 shooting by two French Muslim terrorists and brothers at Charlie Hebdo offices that killed 12 and injured 11 others. To further gin up attention to the breached data, a flurry of fake personas—one falsely claiming to be a Charlie Hebdo editor—took to social media to discuss and publicize the leak.