French Government Agency ANTS Confirms Data Breach Affecting Up to 19 Million Records

Context ANTS, operating under the French Ministry of the Interior, manages driver’s licenses, national IDs, passports and immigration documents via the ants.gouv.fr portal. The agency disclosed the incident yesterday, noting that the breach does not grant direct portal access but could enable phishing and social‑engineering attacks. ANTS has notified CNIL, the Paris Public Prosecutor and ANSSI, and is contacting affected individuals.

Key Facts The exposed data set includes login ID, full name, email address, date of birth, unique account identifier and, for some records, postal address, place of birth and phone number. On April 16, the actor using the moniker “breach3d” posted on hacker forums claiming possession of up to 19 million records and offering them for an undisclosed price. ANTS confirmed the detection date but has not validated the actor’s claim; the investigation remains ongoing.

What It Means Although the stolen information does not allow immediate login to ANTS services, attackers can combine it with publicly available data to craft convincing phishing emails or SMS messages that appear to come from the agency. Organizations should treat any unexpected communication requesting credentials or personal data as suspicious.

Mitigations - Enable multi‑factor authentication on all accounts linked to ANTS portals. - Monitor authentication logs for anomalous login attempts from unfamiliar IPs or geolocations (MITRE ATT&CK T1078). - Deploy email gateway rules that flag messages spoofing the ants.gouv.fr domain (DMARC, SPF, DKIM). - Educate users to verify unexpected requests via official channels before responding. - Apply the latest ANSSI security advisory for government portals and patch any known vulnerabilities in web‑application frameworks.

Watch for further statements from ANSSI or CNIL regarding the scope of the breach, any confirmed malware indicators, and whether the claimed 19‑million dataset appears on underground markets.