The National Agency for Document Security of France is investigating a security incident detected on April 15 on its portal ants.gouv.fr, a platform linked to the issuance and management of identity documents dependent on the French Ministry of the Interior.
The alert comes after, one day later, a cybercriminal claimed in hacker forums that he had for sale a database with 18 million records allegedly obtained after attacking the ANTS portal. The alleged attacker went so far as to describe the organization's security infrastructure as insufficient.
Personal data potentially compromised
Among the data that could have been exposed are the login identifier, the name, the surnames, the email address, the date of birth, and a unique account identifier. In some cases, the possible leak would also include the place of birth, the postal address, and the phone number.
The author of the alleged intrusion maintains that that database does not bear relation to any known set of information and states that it has not been fabricated nor altered. For now, those statements are part of a scenario under investigation.
Open investigation and notice to users
The ANTS keeps open an investigation to clarify the origin and scope of the incident. The agency has specified that the breach does not affect documents sent in administrative procedures and that it also does not compromise the access credentials to the portal.
The French entity has also indicated that it will notify the affected individuals. While the technical analysis progresses, it has asked users to exercise extreme caution regarding any suspicious or unusual communication, whether by SMS, call, or email, that may appear to come from the institution itself.
The case remains open and pending to determine how many accounts have been truly affected and what specific information could have been exposed after the incident.