French authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country’s agency for issuing and managing administrative documents.
The government agency confirmed the breach and the authenticity of the data offered for sale on a cybercriminal forum by someone using the alias ‘breach3d’.
On April 13, ANTS detected suspicious activity on its network and notified authorities a few days later, on April 16, the Paris Prosecutor’s Office said.
Following an investigation, the authorities believe that the suspected 15-year-old used the moniker ‘breach3d’ to offer for sale between 12 and 18 million records stolen in the ANTS data breach.
The minor faces charges for unauthorized access, persistence, and data exfiltration from a state-run automated personal data processing system, as well as for possession of software that enables the offenses.
The offenses carry a maximum sentence of seven years in prison and a fine of EUR 300,000, the Paris Prosecutor’s Office notes in a press release.
A judge is now overseeing the case. Based on the evidence found, prosecutors are seeking formal charges and have requested that the minor be placed under judicial supervision.
Personal information exposed
On April 20, ANTS disclosed that a threat actor breached its systems and accessed data from individual and professional accounts on the ants.gouv.fr portal.
The government agency determined that among the affected data types were full names, email addresses, dates of birth, postal addresses, and phone numbers.
The announcement came after a threat actor claimed to have compromised ANTS and offered to sell up to 19 million records allegedly stolen in the attack.
.jpg)
In an update on the incident, the agency said that the number of impacted accounts was 11.7 million, but the stolen data could not be used for unauthorized access.
Pending the investigating judge’s decision, the 15-year-old minor has not been formally charged.
AI chained four zero-days into one exploit that bypassed both renderer and OS sandboxes. A wave of new exploits is coming.
At the Autonomous Validation Summit (May 12 & 14), see how autonomous, context-rich validation finds what’s exploitable, proves controls hold, and closes the remediation loop.
