A recent data breach at France Titres, the government agency responsible for issuing and managing administrative documents in France, has been brought to light after a threat actor claimed responsibility for the attack and the theft of citizen data.
Also referred to as Agence nationale des titres sécurisés (ANTS), this administrative body operates under the French Ministry of the Interior and is tasked with overseeing official identity and registration documents in France, which includes driver’s licenses, national ID cards, passports, and immigration documents.
In a statement released by the agency, it was revealed that the breach occurred last week, and while investigations are ongoing, various types of data pertaining to an unspecified number of individuals may have been compromised.
According to a statement by ANTS, “On Wednesday, April 15, 2026, the National Agency for Secure Documents (ANTS) detected a security incident that may involve the disclosure of data from individual and professional accounts on the ants.gouv.fr portal.”
The potentially exposed data includes login IDs, full names, email addresses, dates of birth, unique account identifiers, postal addresses (for some), places of birth (for some), and phone numbers (for some).
ANTS has assured that it is in the process of informing those affected by the breach and has emphasized that the exposed information does not grant unauthorized access to its electronic portals. However, it could be utilized in phishing and social engineering schemes.
The agency has involved the data protection authority (CNIL), the Paris Public Prosecutor, and the national cybersecurity agency (ANSSI) in its response efforts and has highlighted the illegality of selling or disseminating the compromised data.
On April 16, an individual using the pseudonym ‘breach3d’ claimed responsibility for the attack on ANTS in hacker forums, stating that up to 19 million records had been compromised.
The stolen data reportedly includes full names, contact details, birth dates, home addresses, account metadata, gender, and civil status. The data is currently being offered for sale, but widespread leakage has not yet occurred.
ANTS has advised users to exercise caution regarding any suspicious communications, such as SMS, phone calls, or emails, purporting to be from the agency, and has emphasized that no immediate action is required from users.
BleepingComputer reached out to ANTS for comment on the claims made by the threat actor but has not received a response at the time of publication.
An AI has combined four zero-day vulnerabilities into a single exploit that bypasses both renderer and OS sandboxes, signaling a wave of new exploits on the horizon.
Discover how autonomous, context-rich validation can identify vulnerabilities, validate controls, and streamline the remediation process at the Autonomous Validation Summit on May 12 & 14.
Claim Your Spot
EU Takes Action Against Instagram and Facebook for Violating Illegal Content Rules
Warning: Facebook Creators Face Monetization Loss for Stealing and Reposting Videos
Facebook’s New Look: A Blend of Instagram’s Style
Facebook Compliance: ICE-tracking Page Removed After US Government Intervention
Facebook and Instagram to Reduce Personalized Ads for European Users
InstaDub: Meta’s AI Translation Tool for Instagram Videos
Reclaim Your Account: Facebook and Instagram Launch New Hub for Account Recovery
Meta discontinues Messenger apps for Windows and macOS
Subscribe to our weekly newsletter below and never miss the latest News or an exclusive offer.
