France has disclosed a security breach at the governmental body in charge of issuing and overseeing citizens’ official identification documents such as national IDs, passports, and immigration papers. Reports indicate that the personal information of numerous individuals may have been compromised.
The Agence Nationale des Titres Sécurisés (ANTS) revealed on Wednesday that the stolen data could encompass individuals’ complete names, birth dates and locations, mailing and email addresses, as well as phone numbers. ANTS mentioned that an investigation is underway to determine the extent and cause of the breach, and individuals impacted by the breach are being informed.
ANTS reported that they identified the breach on April 15 but did not disclose the number of people affected. However, information from the security outlet Bleeping Computer hints at a potentially substantial impact: a hacker has purportedly advertised the pilfered data on a hacking platform, asserting possession of a database containing 19 million records.
The hacker’s post on the forum matched the personal data categories outlined in ANTS’s official declaration and was made public before ANTS officially acknowledged the breach on April 20.
The source of the attack has not been revealed, and it remains unclear whether the stolen data has been traded or disseminated further. The French government has refrained from elaborating on the breach beyond the initial statement issued by ANTS.
This incident ranks among the most severe breaches of government-managed personal data in France in recent times, given ANTS’s pivotal role in the nation’s identity documentation system. Such a breach raises significant concerns about identity theft and document falsification due to the sensitive nature of the data maintained by the agency.
