France Titres Confirms ANTS Data Breach Affecting 11.7 Million Accounts

France Titres has confirmed a security incident affecting the ANTS portal, with 11.7 million individual and professional accounts potentially involved. The agency says the exposed data does not allow unauthorized access to user accounts, but it can still help attackers run convincing phishing and social engineering campaigns.

France Titres, also known as Agence nationale des titres sécurisés, manages France’s online services for vehicle registration, driving licenses, national identity cards, and passports. The breach became public after a hacker using the name “breach3d” claimed to have stolen and offered up to 19 million records for sale on a hacking forum.

The confirmed government figure is lower than the hacker’s claim, but it still makes the incident a significant exposure of citizen account data. France Titres says technical investigations remain underway, while affected users are being notified.

What France Titres says was exposed

According to the French government’s update, the data involved includes login identifiers, civil title, names, email addresses, dates of birth, and unique account identifiers. For some accounts, the exposed information may also include postal addresses, places of birth, and phone numbers.

The agency says the exposed data does not include extra documents submitted during administrative procedures. That means attachments and biometric information are not part of the affected dataset, based on the current findings.

France Titres has also said users do not need to complete a special procedure because of the breach. However, it recommends changing the account password at the next login and staying alert for suspicious SMS messages, calls, or emails that appear to come from France Titres.

What the hacker claimed

BleepingComputer reported that the threat actor “breach3d” posted the claim on April 16, alleging access to up to 19 million ANTS records. The claimed data reportedly included full names, contact details, birth data, home addresses, account metadata, gender, and civil status.

The data was offered for sale for an undisclosed amount, according to the report. France Titres has not confirmed the 19 million figure, and the official government update points to 11.7 million potentially affected accounts.

The key risk now is not direct account takeover through the exposed data alone. The greater concern is that criminals can use the information to impersonate ANTS or another French public service and target users with messages that look more credible.

At a glance

Item	What current information shows
Agency involved	France Titres, also known as ANTS
Portal affected	ants.gouv.fr
Confirmed scale	11.7 million accounts potentially concerned
Hacker claim	Up to 19 million records offered for sale
Data exposed	Names, emails, dates of birth, login IDs, account IDs
Extra data for some users	Postal address, place of birth, phone number
Not included	Attachments and biometric information
Main user risk	Phishing, scams, and social engineering
Official advice	Change password at next login and watch for suspicious messages

How France is responding

France Titres says it launched internal technical investigations after detecting the incident. The agency is still working to determine the origin and exact scope of the breach.

The incident has been reported to CNIL, France’s data protection authority. A report was also sent to the Paris public prosecutor, and the judicial investigation has been assigned to the Office anti-cybercriminalité.

France’s Interior Minister has also asked the Inspection générale de l’administration to establish the chain of responsibility in the incident. That step suggests the government wants a clearer internal review of how the breach happened and how the response unfolded.

Why the ANTS breach matters

The ANTS portal handles sensitive administrative processes tied to identity documents, vehicle registration, and driving licenses. Even without passwords, biometric data, or uploaded documents, exposed account data can still carry long-term fraud risk.

Attackers often combine basic identity details with urgent language to pressure victims. A message that includes a real name, date of birth, or address can feel legitimate, especially when it appears to come from a government service.

This is why France Titres is warning users to treat unusual messages with caution. The exposed data may not open an ANTS account directly, but it can make fake emails, fake calls, and fake SMS alerts more convincing.

What users can do now

• Change the ANTS account password at the next login, as France Titres recommends.
• Treat unexpected France Titres or ANTS messages with caution.
• Do not click payment, verification, or document-processing links sent by SMS or email.
• Visit the official ANTS portal manually instead of using links from messages.
• Do not share banking details, one-time codes, or identity document copies after an unexpected call.
• Report suspicious messages through official French cybercrime or consumer reporting channels.

FAQ