Breach at French ANTS exposes citizen data; 19 million records advertised for sale
Summary
Hide ▲
Show ▼
France Titres (Agence nationale des titres sécurisés, ANTS), the government agency under France’s Ministry of the Interior responsible for issuing identity documents, disclosed a security incident on April 15, 2026, affecting its ants.gouv.fr portal. An unidentified threat actor advertised a sale of up to 19 million records on April 16, claiming access to full names, contact details, birth data, home addresses, account metadata, and civil status information. ANTS confirmed exposure of login IDs, names, emails, dates of birth, unique account identifiers, and partial address and phone data for an undisclosed number of individuals. While ANTS states the incident does not enable unauthorized access to its portals, exposed data heightens phishing and social engineering risks. The agency is coordinating with CNIL, the Paris Public Prosecutor, and ANSSI and has advised vigilance against suspicious communications purportedly from ANTS.
Timeline
-
22.04.2026 00:46 1 articles · 2h ago
ANTS breach disclosed; threat actor advertises sale of 19 million records
On April 15, 2026, ANTS detected a security incident affecting its ants.gouv.fr portal. On April 16, a threat actor using the handle ‘breach3d’ advertised up to 19 million records for sale, claiming possession of identity and contact data. ANTS confirmed exposure of multiple data types and warned users to remain vigilant against phishing and social engineering attempts. Authorities CNIL, Paris Public Prosecutor, and ANSSI have been notified and involved in response.
Show sources
- French govt agency confirms breach as hacker offers to sell data — www.bleepingcomputer.com — 22.04.2026 00:46
Information Snippets
-
ANTS detected the security incident on April 15, 2026, impacting the ants.gouv.fr portal used for identity and registration documents.
First reported: 22.04.2026 00:461 source, 1 articleShow sources
- French govt agency confirms breach as hacker offers to sell data — www.bleepingcomputer.com — 22.04.2026 00:46
-
Exposed data types include login ID, full name, email address, date of birth, unique account identifier, and in some cases postal address, place of birth, and phone number.
First reported: 22.04.2026 00:461 source, 1 articleShow sources
- French govt agency confirms breach as hacker offers to sell data — www.bleepingcomputer.com — 22.04.2026 00:46
-
The threat actor ‘breach3d’ advertised up to 19 million records for sale on April 16, claiming additional fields such as home addresses, account metadata, gender, and civil status.
First reported: 22.04.2026 00:461 source, 1 articleShow sources
- French govt agency confirms breach as hacker offers to sell data — www.bleepingcomputer.com — 22.04.2026 00:46
-
ANTS maintains that the incident does not allow unauthorized access to its electronic portals, but acknowledges increased phishing and social engineering risk due to exposed data.
First reported: 22.04.2026 00:461 source, 1 articleShow sources
- French govt agency confirms breach as hacker offers to sell data — www.bleepingcomputer.com — 22.04.2026 00:46
-
ANTS is notifying impacted users, has notified CNIL, the Paris Public Prosecutor, and engaged ANSSI in response.
First reported: 22.04.2026 00:461 source, 1 articleShow sources
- French govt agency confirms breach as hacker offers to sell data — www.bleepingcomputer.com — 22.04.2026 00:46