Data Breach at ANTS: A Basic Flaw, Millions of Citizens Exposed
A major new alert has struck ANTS (Agence nationale des titres sécurisés — the French National Secure Documents Agency).
Up to 19 million French citizens may be affected by a data breach linked to an application vulnerability identified around 15 April 2026.
The type of flaw involved: an IDOR (Insecure Direct Object Reference).
In practical terms: the system was not correctly checking access rights. Simply modifying an identifier in a request was enough to access another user's data.
👉 A simple vulnerability… but with national consequences.
⚠️ Data Potentially Exposed
A near-complete civilian profile for each affected citizen:
- Identity: first and last name
- Contact: email address
- Date of birth: date and place of birth
- Address: full postal address
- Phone: phone number
- Identity status: level of identity verification
🎣 1. Targeted Spear Phishing
👉 The data enables ultra-personalised attacks.
- Fraudulent emails with name, address, date of birth
- Open rate 3× higher than generic phishing
- Perfect imitation of official communications
🪪 2. Identity Theft
👉 A complete profile = an immediately usable identity.
- Creation of fake documents with real data
- Opening of fraudulent bank accounts
- Taking out loans in the victim's name
🏛️ 3. Administrative Fraud
👉 The identity verification status worsens the exposure.
- Fraudulent identity document requests
- Access to government services
- Manipulation of administrative records
🛡️ User Recommendations
If you may be affected:
1. Be vigilant about suspicious emails and SMS (spear phishing)
2. Never share your personal information via message
3. Monitor your administrative and bank accounts
4. Change your passwords on government services
5. Enable login alerts on your sensitive accounts
6. Report any identity theft to the relevant authority (e.g. Action Fraud in the UK)
🧠 The Key Point
This attack is a reminder of a fundamental reality:
The simplest flaws are often the most dangerous.
An IDOR is a well-known, documented, and preventable vulnerability with:
✔ Strict access controls (server-side verification)
✔ Regular application security testing
✔ Targeted code audits
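As an added example (not from the original article and not a reconstruction of the affected system), the sketch below puts a lookup with no access check beside one that verifies ownership server-side and logs denials. The record store, the `Session` type and all function names are hypothetical, and the sample data is constructed.

```python
# Added illustration: hypothetical record store, not the affected system.
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    # Set by the server at login; never taken from request parameters.
    user_id: int


# Constructed sample data keyed by a sequential, guessable identifier.
RECORDS = {
    1001: {"owner_id": 1, "name": "Alice Example", "email": "alice@example.org"},
    1002: {"owner_id": 2, "name": "Bob Example", "email": "bob@example.org"},
}


class Forbidden(Exception):
    """Raised when the caller has no right to the requested object."""


def get_record_vulnerable(session: Session, record_id: int) -> dict:
    # IDOR: the caller is authenticated, but nothing ties record_id to them.
    return RECORDS[record_id]


def get_record_checked(session: Session, record_id: int, audit: list) -> dict:
    record = RECORDS.get(record_id)
    # Object-level authorization: the record must belong to the session user.
    # "Missing" and "not yours" produce the same error, so responses do not
    # reveal which identifiers exist.
    if record is None or record["owner_id"] != session.user_id:
        audit.append({"user_id": session.user_id, "record_id": record_id})
        raise Forbidden("record not available")
    return record


def denied_counts(audit: list) -> dict:
    """Count denied lookups per user; a spike suggests identifier enumeration."""
    counts = {}
    for entry in audit:
        counts[entry["user_id"]] = counts.get(entry["user_id"], 0) + 1
    return counts
```

The same ownership comparison also serves as a regression test: a request for another user's record must fail in exactly the same way as a request for a record that does not exist.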
The incident was reported to the CNIL and referred to the Paris prosecutor's office. The full scale is yet to be confirmed.
Cybersecurity does not rely solely on advanced technology — but also on correctly applied fundamentals.
In this case: a simple flaw → a national impact.
How does your organisation ensure that basic vulnerabilities (like IDORs) are properly managed in your applications?