Cyberattack at French identity document agency may have exposed personal data

A cyberattack targeting a French government website used to manage identity documents and driver’s licenses may have exposed users’ personal data, the Interior Ministry said on Monday.

The incident affected the website of the National Agency for Secure Documents (ANTS), a government service responsible for processing applications for passports, national identity cards, residence permits and driver’s licenses.

In a statement, the Interior Ministry said a “security incident that may involve the disclosure of data from both individual and professional accounts” was detected on April 15.

Initial analysis indicates that several types of personal information linked to individual user accounts may have been exposed. The potentially compromised data includes login credentials, names, email addresses, dates of birth, and the unique identifier associated with each account.

Additional information, including postal addresses, places of birth, and phone numbers, may also have been affected, the ministry said.

Officials stressed that the leaked information does not include documents uploaded during administrative procedures, such as attachments submitted as part of applications. According to the ministry, the compromised data cannot be used to gain unauthorized access to ANTS portal accounts.

The government has not disclosed the number of users affected, and the origin of the attack remains unclear. Authorities have launched an investigation to determine the scope of the breach and its potential consequences.

The ministry said additional security measures have been implemented to maintain the continuity of the portal’s services and strengthen data protection.

The incident comes amid a series of cybersecurity breaches affecting French public institutions in recent months.

Last week, France’s Education Ministry revealed that a cyberattack targeting its student account management system led to the leak of personal data belonging to students. According to officials, the intrusion stemmed from the impersonation of an authorized staff account in late 2025, which allowed attackers to access a service connected to the ÉduConnect platform used by students and families.

Earlier in February, hackers also breached part of France’s National Bank Accounts File — a database that records all bank accounts in the country — exposing information linked to roughly 1.2 million accounts out of more than 300 million entries.

French authorities have not yet attributed the ANTS incident to any specific threat actor or disclosed a potential motive for the attack.