- France Titres (ANTS) confirms the cyberattack and the theft of 19 million records offered on the dark web
- The stolen data includes names, contact details, birthdays, addresses, account metadata, gender, and marital status.
- Agency warns of phishing risks; Ongoing investigation with cybersecurity and law enforcement experts; Affected users have already been notified.
France Titres (ANTS), the French government body responsible for managing and issuing official identity and registration documents, confirmed having suffered a cyberattack and data theft, after cybercriminals offered to sell the stolen files on the dark web.
Last Thursday, a threat actor with the alias ‘breach3d’ posted a new thread on a dark web forum, offering to sell 19 million records. They claimed to have collected them on France Titres and that they contain people’s names, contact details, birthday information, postal addresses, account metadata, gender information and marital status.
Shortly after, ANTS issued an announcement confirming that the breach had occurred: “On Wednesday, April 15, 2026, the National Agency for Secure Credentials (ANTS) detected a security incident that may involve the disclosure of data from private and professional accounts on the ants.gouv.fr portal,” reads the automatically translated announcement.
Article continues below.
No user action required
The agency also confirmed the type of data stolen in the attack, but added that the bad actors do not have access to the portal or people’s accounts.
A more extensive investigation is currently underway, both with law enforcement agencies and third-party cybersecurity professionals. The affected people have already been notified, ANTS confirmed.
The agency also said that users are not required to do anything at this time. However, it did warn them about possible phishing attacks in the near future, by cybercriminals posing as the agency. With so much personal information, criminals can create convincing phishing lures, combined with fake logins and landing pages.
That way, they can trick victims into trying to log in, effectively stealing their login credentials. In some cases, they may even engage in identity theft and initiate fraudulent wire transfers on behalf of victims.
The agency warned that selling or sharing stolen data in any way is a criminal offense.
Through beepcomputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
