ANTS, France’s national ID and passport agency, confirmed a breach exposing names, birthdates, addresses, and phone numbers of an undisclosed number of citizens.
Key Takeaways
ANTS detected the attack on April 15; public disclosure came April 20, five days later.
Stolen data includes full names, dates and places of birth, mailing addresses, email addresses, and phone numbers.
A hacker advertised a 19-million-record database on a hacking forum before ANTS disclosed publicly, per Bleeping Computer.
ANTS covers national IDs, passports, and immigration documents, making this a high-value identity infrastructure target.
The scope investigation is ongoing and affected individuals are being notified individually.
Hacker News Comment Review
French commenters report already being notified as impacted; at least one notes the same data was previously exposed in a separate breach at the French unemployment agency, compounding identity risk.
Community consensus is fatalism: PII of this type has leaked repeatedly, and absent meaningful regulatory penalties beyond apology notices, breach incentives for agencies won’t change.
Notable Comments
@Zealotux: asks for a self-serve lookup tool, noting “scammers can steal my identity directly from the government.”
@loupol: already notified as impacted; same data had previously leaked via French unemployment agency Pôle Emploi breach.
