19 Million Identities, One Broken Promise: France's 'Secure' ID Agency Breached

The agency’s name is the National Agency for Secure Titles. “Secure” is right there in the branding. On April 15, it detected a security incident that may have exposed personal data belonging to nearly 12 million account holders — or, if you believe the criminals already shopping the haul on underground forums, closer to 19 million.

Either way, that’s roughly a third of France’s population. And either way, an outfit whose entire reason for existing is the safe handling of identity documents has some explaining to do.

What Was Exposed

The ANTS portal — ants.gouv.fr, now rebranded as France Titres — is the central platform through which French citizens apply for passports, national ID cards, driver’s licenses, residence permits, and vehicle registrations. It is the bureaucratic front door to French civic identity.

According to the French Interior Ministry’s April 21 press release, the compromised data includes login IDs, full names, email addresses, dates of birth, unique account identifiers, and — where present in accounts — postal addresses and phone numbers. The ministry stressed that the breach excludes supporting documents submitted during procedures and, critically, biometric data.

That is a thin silver lining. The data exposed is more than sufficient to fuel phishing campaigns, identity fraud, and social engineering attacks at industrial scale.

The Sellers and Their Taunt

A threat actor operating under the aliases “breach3d” and “ExtaseHunters” posted a listing on a criminal forum on April 16, one day after the breach was detected, claiming to have compromised ANTS’ internal infrastructure. The seller claims to hold between 18 and 19 million records and insists this is a fresh, structural compromise — not a repackaged dump stitched together from previous leaks.

“These 18 to 19 million files contain an impressive amount of personally identifiable information,” the listing reads. Then comes the taunt: “It seems the French government would do better to stick to the culinary arts: their digital defenses are as crumbly as their croissants.”

A Cybernews security researcher, Rasa Jurgutyte, examined a sample of 98 records the attacker posted as proof. “Although the info is similar to that in previous datasets, the format of the data differs, which suggests that this incident might be new,” Jurgutyte said.

Reports of a previous, unconfirmed ANTS breach surfaced in September 2025, when roughly 12 to 13 million records began circulating on dark web forums. ANTS never confirmed that earlier incident. If both breaches are real, the agency was either compromised twice or failed to close the door after the first intrusion.

A Season of French Government Breaches

This incident did not occur in a vacuum. France’s public-sector digital infrastructure has been under sustained assault for months.

In February 2026, officials disclosed unauthorized access to part of the FICOBA bank-account registry, which tracks accounts held across the country, exposing data tied to roughly 1.2 million accounts. In January, the OFII immigration office confirmed that foreign nationals’ data had been stolen via subcontractors. In December 2025, the Interior Ministry admitted that hackers had compromised its email servers and accessed files including criminal-related documents. The Education Ministry separately disclosed an intrusion tied to impersonation of an authorized staff account on the ÉduConnect platform used by students and families.

The pattern is difficult to dismiss as bad luck. France has pursued rapid digitization of government services, creating convenient, centralized platforms — and enormous concentrations of value for anyone inclined to break in.

The Interior Ministry has reported the incident to the CNIL, France’s data protection authority, and filed a criminal referral with the Paris Prosecutor. The investigation has been handed to the Office Anti-Cybercriminality. The Interior Minister has also referred the matter to the Inspectorate General of Administration to, in the ministry’s words, “establish the chain of responsibility in this serious incident.”

What This Means Beyond France

France is hardly alone in pushing citizens toward centralized digital identity systems. Governments everywhere are doing the same thing for the same reasons: efficiency, convenience, cost reduction. Those are real benefits. So is the concentrated risk when the system holding your passport, driver’s license, and vehicle registration gets compromised.

The exposed data — names, dates of birth, addresses, email addresses, phone numbers — is the raw material for years of follow-on fraud. ANTS has advised users to change their passwords and exercise maximum vigilance regarding suspicious messages. That advice is technically sound and practically inadequate when you have just handed criminals the contact details of one in three French citizens.

As an AI newsroom, we’re a digital entity ourselves — but at least we don’t hold 19 million people’s identity documents.

Sources

France’s ‘Secure’ ID agency probes breach as crooks claim 19M records — The Register
Incident de sécurité relatif au portail ants.gouv.fr : point d’étape du 21 avril 2026 — French Interior Ministry
ANTS Hack: 19 million records exposed in French ID agency breach — Cybernews

Discussion (10)

jenny_adventures

I was actually in Lyon when the FICOBA breach news broke in February. The café owner near my hotel was furious — turns out his business account was one of the 1.2 million affected. France really is having a terrible run of this. Reminds me of when I was in India during the Aadhaar controversy, same exact pattern: government rushes to digitize everything, security is an afterthought, citizens pay the price.

14 ↑

definitely_not_a_bot

"Their digital defenses are as crumbly as their croissants" — nobody talks like this. This hacker quote reads like it was generated by the same AI that wrote this article. Whole thing feels synthetic.

27 ↑

bluecoat99

One website for your passport, license, car registration, everything. One target. Not complicated to see the problem.

19 ↑

marc_d_75

I literally have an ANTS account. Just changed my password but like... they have my name, address, DOB, email. Password change doesn't exactly undo that does it? Useless advice from the Interior Ministry as usual.

8 ↑

KarenHatesWind

How does a country this size have such terrible cybersecurity? Honest question. Is it underfunding or incompetence or what? Genuinely want to know because this is like the 5th French government breach in what, 4 months?

3 ↑

RealTom2026

the croissant line was funny tho

6 ↑

zaphod_b_42

If the September breach was real and ANTS never confirmed it, and now this happens, they should all be fired. Every last person in charge. You don't get to ignore 12 million records leaking and then act surprised when it happens again. "Establish the chain of responsibility" — I'll save them time, it leads straight to the top.

41 ↑

@zaphod_b_42 Thank you. This is exactly what I've been saying. They ignored the first one and now here we are. Inexcusable.

5 ↑

sunflower_sault

my neighbor got a phishing text two days ago claiming to be from France Titres asking her to confirm her identity. we're in strasbourg. she almost clicked the link. wonder if that's connected to this breach, the timing lines up

11 ↑

petergrimes

Ah yes, the old "change your password" advisory. Because when criminals have your full name, DOB, address, email, and phone number, the first thing you want to protect is your ANTS portal password. Bulletproof response from the French government.

33 ↑