Overview
- ANTS, which detected the issue Wednesday, April 15, said some account data from its ants.gouv.fr portal may have been disclosed.
- A user calling themselves breach3d, also known as ExtaseHunters, later claimed 18 to 19 million records and offered the trove for sale, a figure officials have not confirmed.
- The agency said exposed fields include login IDs, names, emails, birth dates and account IDs, with some records also listing postal address, place of birth and phone number, and it said these details do not let someone sign in.
- Officials warned the data could fuel phishing and social‑engineering scams and urged users to treat messages that appear to come from ANTS with caution.
- The agency, which runs systems for passports, national ID cards and driver’s licences, said it notified CNIL, the Paris prosecutor and ANSSI, launched technical checks and added extra protections for the portal.