France’s national document agency discloses data breach, investigates potential exposure of citizen information

France Titres, the government agency responsible for issuing and managing official administrative documents, has confirmed a data breach that may have exposed personal information from user accounts on its online portal, prompting an ongoing investigation and national cybersecurity response.

The agency, formally known as Agence nationale des titres sécurisés (ANTS), operates under the French Ministry of the Interior and oversees the production and management of driver’s licenses, national ID cards, passports and immigration documents. The breach was detected on April 15, 2026, following a security incident that occurred the previous week.

ANTS said the incident may have led to the disclosure of data linked to both individual and professional accounts on the ants.gouv.fr platform. The number of affected individuals has not been disclosed. The potentially exposed information includes login IDs, full names, email addresses, dates of birth and unique account identifiers. In some cases, postal addresses, places of birth and phone numbers may also have been compromised.

The agency has begun notifying individuals identified as potentially impacted. Officials stated that the exposed data cannot be used to gain unauthorized access to ANTS systems, but warned that it could be exploited for phishing or social engineering attacks.

Users have been advised to remain vigilant and to treat any unsolicited or suspicious communications, including emails, phone calls and text messages appearing to originate from ANTS, with caution. The agency indicated that no immediate action is required from users beyond heightened awareness.

Authorities have been formally notified of the incident, including France’s data protection regulator CNIL and the Paris Public Prosecutor. The National Cybersecurity Agency of France, known as ANSSI, has also been engaged to assist with the response and investigation. ANTS emphasized that any attempt to sell or distribute the compromised data would be illegal.

The disclosure follows claims made on April 16 by a threat actor using the alias “breach3d,” who alleged responsibility for the attack and claimed to possess up to 19 million records. The individual stated that the dataset includes personal and account-related details such as names, contact information, birth data, home addresses and civil status indicators.

The alleged dataset has been offered for sale, though it has not been widely circulated. ANTS has not confirmed the scale of the breach described by the threat actor and has not publicly responded to the claims.