A French government agency responsible for managing official identity documents has confirmed a cybersecurity breach, after a threat actor claimed to be selling stolen data on underground forums.
The incident affects the Agence nationale des titres sécurisés (ANTS), also known as France Titres, which handles services such as passports, national ID cards, residence permits, and driving licences. French authorities said a “security incident” was detected on April 15, potentially exposing data from user accounts on the agency’s online portal.
According to initial findings, the compromised information may include names, email addresses, dates of birth, login identifiers, and account-related details. In some cases, additional personal data, such as postal addresses and phone numbers, could also have been accessed.
Around the same time, a threat actor using the alias “breach3d” posted on hacker forums claiming to possess a large dataset linked to the agency. The attacker alleged that up to 18–19 million records had been stolen and offered the data for sale, though these claims have not been independently verified.
French officials have not confirmed the scale of the breach or the accuracy of the attacker’s claims. However, the Interior Ministry acknowledged that the incident could have led to a significant data leak and said investigations are ongoing.
Authorities have warned users to remain vigilant for phishing attempts and other scams, as exposed personal data is often used in follow-up attacks. Cybersecurity experts note that information such as names, contact details, and account metadata can be leveraged to craft convincing fraudulent messages.
The breach adds to a series of recent cybersecurity incidents affecting French public sector systems, raising broader concerns about the security of large-scale digital identity platforms. Investigators have not yet disclosed how attackers gained access to the system, and no group has been officially attributed to the attack.