- France Titres (ANTS) confirms cyberattack and theft of 19M records offered on dark web
- Stolen data includes names, contact details, birthdays, addresses, account metadata, gender, and civil status
- Agency warns of phishing risks; investigation ongoing with law enforcement and cybersecurity experts, affected users already notified
France Titres (ANTS), the French government body responsible for managing and issuing official identity and registration documents, confirmed suffering a cyberattack and data theft, after cybercriminals offered to sell the stolen files on the dark web.
Last Thursday, a threat actor with the alias ‘breach3d’ posted a new thread on a dark web forum, offering the sale of 19 million records. They claimed to have picked them up from France Titres, and that they contain people’s names, contact details, birthday information, postal addresses, account metadata, gender information, and civil status.
Soon after, ANTS issued an announcement, confirming that the breach did happen: “On Wednesday, April 15, 2026, the National Agency for Secure Credentials (ANTS) detected a security incident that may involve the disclosure of data from private and professional accounts on the ants.gouv.fr portal,” the machine-translated announcement reads.
Article continues below
No user action requred
The agency also confirmed the type of data stolen in the attack, but added that the miscreants do not have access to the portal, or people’s accounts.
A more thorough investigation is currently underway, with both law enforcement agencies and third-party cybersecurity professionals. Affected individuals were already notified, ANTS confirmed.
The agency also said that users are not required to do anything at this point. However, it did warn them about potential phishing attacks in the near future, from cybercriminals posing as the agency. With so much personal information, crooks can create convincing phishing lures, paired with fake login and landing pages.
That way, they can trick victims into trying to log in, effectively stealing their login credentials. In some cases, they can even engage in identity theft and initiate fraudulent wire transfers on behalf of the victims.
The agency warned that selling or sharing the stolen data in any way is a criminal offense.
Via BleepingComputer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
https://cdn.mos.cms.futurecdn.net/VsnoQAEmxjEvebB3dyY9Pj-2560-80.jpg
Source link
