FRANCE’S ANTS ID System website was hit by a cyberattack that authorities say may have exposed personal data from users applying for IDs, passports, residence permits, and driver’s licences. The incident was detected on 15 April 2026, with the Interior Ministry confirming the breach and launching investigations to identify its scope and impact.
A data breach notification states the exposed details could include login ID, name, email, date of birth, and account ID, and in some cases may extend to address, place of birth, or phone number, though uploaded documents and direct account access are reportedly not exposed. The case has been reported to the CNIL and prosecutors, and security measures have been strengthened while professional and domestic users are being alerted to stay vigilant for suspicious messages.
A threat actor claims to be selling a dataset of around 18–19 million records linked to ANTS, though this claim remains unverified. Authorities emphasise that users do not need to act unless they observe suspicious activity, and they continue to monitor the situation as investigations proceed.