-
Paris prosecutors charged a 15-year-old on April 30, 2026, for hacking France’s National Agency for Secure Documents (ANTS) and exposing 11.7 million accounts.
-
The suspect, with the alias ‘breach3d,’ reportedly offered around 12 to 18 million stolen records, which included full names, emails, and birth dates, for sale on a cybercrime forum.
-
For this, he could be facing up to 7 years in jail. He might also have to pay a fine of €300,000 on top of that.
France recently opened a formal investigation into a 15-year-old who allegedly hacked the national ID agency and stole personal info of millions of citizens.
Prosecutors said he offered the stolen information for sale on a dark web forum under the nickname ‘breach3d’.
The Arrest and What Allegedly Happened
Paris prosecutors announced this on April 30. They detained the teenage suspect on April 25. Reports revealed that this young hacker allegedly put between 12 and 18 million lines of stolen data up for sale on cybercriminal forums. He pulled the data from the ants.gouv.fr portal.
So far, it’s looking like the breach affected people’s names, emails, birth dates, as well as their home addresses, mobiles, and unique account IDs.
The prosecutors have charged the suspect with multiple counts of unauthorized access and maintaining access. They also mentioned proven cases of data extraction, data transmission, and even indulging in possessing cyber intrusion tools.
It was the Paris prosecutor Laure Beccuau who requested a formal look at the situation and some judicial supervision thrown in for good measure.
Timeline of the Breach
ANTS first spotted unusual network activity on April 13. Two days later, on April 15, they formally identified a security incident. Surprisingly, the very next day, April 16, “breach3d” appeared on criminal forums. He was already advertising the stolen database for sale.
The French Interior Ministry went public on April 20 and confirmed that ANTS had detected an incident. Then on April 24, ANTS dropped the real number: it affected 11.7 million accounts. On the other hand, breach3d’s dark web post claimed almost 19 million records.
On April 25, he was arrested, and then on April 30, prosecutors announced the charges.
Why This Breach Matters
ANTS is not just any agency; they process applications for passports, national ID cards, and driver’s licenses. They also handle residence permits. In addition, ANTS oversees a government social media age-verification app.
Luckily, it didn’t expose any uploaded documents. Passport copies or application attachments all remained untouched. ANTS also says the exposed data does not allow direct access to their portals.
Still, the agency wants to let you know there are risks from phishing and social engineering. Bad actors can use what they find out about you to trick you into giving them your money, or even taking out loans in your name.
Commenting on the case, French Prime Minister Sebastien Lecornu said’s it’s very serious. He added that it does not involve classified state data.
France’s Growing Problem with Young Hackers
This isn’t the first of such event this year. French authorities have detained three young suspects between the ages of 15 and 21 in the past four months.
There was another 18-year old arrested back in January for stealing huge amounts of data from the French Shooting Federation. The breach exposed over one million members. Criminals then used that data to plan break-ins and also steal guns.
Then on April 20, authorities arrested a 21-year-old known as “HexDex.” He allegedly pulled off 100 data breaches since late 2025. And at that time, his targets included 15 different sports federations, the Ministry of education and even a police training platform.
Officials say HexDex is not connected to the ANTS hack. But the pattern is clear. Young hackers are targeting France’s core systems.
The trend of hackers targeting major organizations extends beyond France. Rockstar Games was recently targeted in an alleged Snowflake-linked breach, with hackers issuing an April deadline for the company to respond, showing that cybercriminals are selectively targeting high-profile victims across entertainment, government, and technology sectors.
Possible Next Steps
The investigation is now in full swing. France’s anti-cybercrime office (OFAC) leads the technical probe. ANTS has notified the CNIL data protection authority and the ANSSI cybersecurity agency.
The ANTS portal underwent maintenance to boost security. The seven days it took ANTS to tell the public about the breach is the bit that’s raising eyebrows because the GDPR states that you have to tell people about a breach 72 hours after it happened. The charges for this carry a maximum of 7 years in prison – the fine can reach 300,000 euros. The court will now test France’s juvenile cybercrime framework.
If you think your information might be among the information, stay alert. Watch for phishing attempts. Also, be extra careful with any emails about renewing your passport or your ID card. And for god sake dont hand over ANY personal info to anyone who can’t verify their identity.
