French Police Arrest 15-Year-Old in 11.7M Record Govt Breach

Key Takeaways

• A 15-year-old operating as 'breach3d' allegedly stole and sold 11.7 million records from France's ID document agency
• Exposed data includes names, emails, dates of birth, postal addresses, and phone numbers
• The minor faces charges carrying up to 7 years in prison and a EUR 300,000 fine

French authorities have detained a 15-year-old suspected of stealing and selling data from France Titres, the government agency that issues French ID cards, passports, and other administrative documents. The breach exposed personal information from 11.7 million accounts.

The Paris Prosecutor's Office announced the arrest after tracing the data sale to a cybercriminal forum user called 'breach3d.' The minor now faces charges that carry a maximum sentence of seven years in prison and a EUR 300,000 fine.

How the Breach Unfolded

France Titres, also known as ANTS, detected suspicious activity on its network on April 13. The agency notified authorities three days later, on April 16. By April 20, the agency confirmed publicly that a threat actor had accessed data from both individual and professional accounts on the ants.gouv.fr portal.

The threat actor initially claimed to have compromised up to 19 million records. ANTS later clarified that 11.7 million accounts were affected. The agency stated the stolen data could not be used for unauthorized account access, though it did not explain why.

What Data Was Exposed

The breach compromised several types of personal information stored in France Titres' systems. This agency handles applications for passports, national ID cards, driver's licenses, and vehicle registration.

• Full names
• Email addresses
• Dates of birth
• Postal addresses
• Phone numbers

The combination of data types creates risk for identity theft and targeted phishing campaigns. Criminals often use such information to impersonate government agencies or craft convincing scam messages.

The Charges

The detained minor faces multiple charges related to the intrusion. These include unauthorized access to a state automated data processing system, maintaining persistent access, and exfiltrating personal data. Additional charges cover possession of software used to commit these offenses.

A judge now oversees the case. Prosecutors are seeking formal charges and have requested the minor be placed under judicial supervision. The 15-year-old has not been formally charged pending the investigating judge's decision.

French law treats minors differently than adults in criminal proceedings, but the severity of charges reflects the scale of the breach. Attacking government infrastructure that handles identity documents is treated as a serious offense.

A Pattern of Young Hackers

Teenage hackers have been behind several high-profile breaches in recent years. The LAPSUS$ group, which hit Nvidia, Microsoft, and Okta in 2022, included teenagers among its members. A 17-year-old from the UK was arrested in connection with those attacks.

The France Titres case follows this pattern. Young individuals, often self-taught, exploit security gaps in major organizations. The 'breach3d' moniker appeared on cybercriminal forums offering the stolen data for sale, suggesting familiarity with underground marketplaces.

What Affected Users Should Do

Anyone with an account on ants.gouv.fr should assume their information may have been compromised. While ANTS claims the data cannot be used for account access, the exposed personal details create other risks.

1. Watch for phishing emails or texts claiming to be from French government agencies
2. Verify any requests for additional information by calling official numbers directly
3. Consider placing fraud alerts with credit bureaus if you receive suspicious communications
4. Update passwords on any accounts that share information with your ANTS profile

Frequently Asked Questions

What is France Titres (ANTS)?

France Titres, formerly ANTS (Agence Nationale des Titres Sécurisés), is the French government agency responsible for issuing passports, national ID cards, driver's licenses, and vehicle registration documents.

How many people were affected by the France Titres breach?

The agency confirmed 11.7 million accounts were affected. The attacker initially claimed to have up to 19 million records.

What charges does the 15-year-old face?

The minor faces charges for unauthorized access to a government system, maintaining persistent access, data exfiltration, and possession of hacking software. Maximum penalties are seven years in prison and EUR 300,000 in fines.

Can the stolen data be used to access victim accounts?

ANTS stated the stolen data cannot be used for unauthorized account access, though the agency did not explain why. The data can still be used for phishing and identity theft.

When did the France Titres breach occur?

ANTS detected suspicious activity on April 13, 2026, and notified authorities on April 16. The breach was publicly disclosed on April 20.

Source: BleepingComputer