Cyber Incident Victim: Ministère des Armées
Date:
Dec 2015
Location:
France
Summary
In response to Anonymous' trolling campaign and website defacements, ISIS-affiliated hackers leaked personal information of military personnel from France and the United States, including full names, addresses, phone numbers, and emails. The compromised data involved mid-level officials, a French lieutenant general, colonels, and U.S. Strategic Command communications officers, with claims of holding unreleased details on 700 additional individuals. The Islamic Cyber Army, linked to ISIS, disseminated the information through Cyber Caliphate social media accounts as part of an ongoing cyber conflict between the groups, following previous ISIS data leaks targeting government and military personnel. No official responses were reported from affected defense departments.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 2 actors | Available to members | Available to members |
Description
On December 14, 2015, ISIS-affiliated hackers operating under the banner of the Islamic Cyber Army leaked personal information allegedly belonging to 160 military personnel from France and the United States. The data dump, distributed through ISIS-linked social media accounts associated with the Cyber Caliphate, included full names, addresses, phone numbers, and email addresses. Among the affected individuals were mid-level French military officials, including at least one lieutenant general, several colonels, and communications officers from the U.S. Strategic Command (STRATCOM). The leak occurred in direct retaliation against Anonymous’ “ISIS Trolling Day” on December 11, during which the hacktivist group had defaced ISIS websites with mocking content, including viagra advertisements. ISIS referred to Anonymous as “idiots” in prior statements and framed the data release as a countermeasure to these provocations. The Islamic Cyber Army additionally claimed possession of unreleased data pertaining to 700 additional military personnel. This incident represented an escalation in the ongoing cyber conflict between ISIS and Anonymous, which had intensified following the November 2015 Paris attacks when Anonymous declared formal war against the terrorist organization.
The leaked information appeared on multiple ISIS-controlled platforms, with monitoring by the SITE Intelligence Group confirming its dissemination. No official responses were documented from the U.S. Department of Defense or French Ministry of Defense regarding the breach. The incident followed established patterns of ISIS cyber operations, including a March 2015 release of a “Hacked Hit List” targeting 100 U.S. military personnel and an August 2015 breach of U.S. government servers that exposed data from hundreds of officials. Concurrently, Anonymous expanded its campaign beyond ISIS by targeting Donald Trump’s website, citing concerns that his proposed Muslim travel ban would aid ISIS recruitment efforts. The hacktivist group had previously disrupted ISIS propaganda networks by dismantling social media accounts and forums following the Paris attacks. The December 14 leak demonstrated ISIS’ continued focus on doxing military personnel as both a retaliatory tactic and psychological warfare tool, though no direct operational security breaches or physical attacks stemming from the data exposure were reported in immediate aftermath assessments.