France Shuts Down Key ID Portal After Hack Exposes Data Tied to 11.7 Million Accounts

France has taken a major government website offline after a cyberattack exposed personal data linked to an estimated 11.7 million user accounts, roughly the population of Ohio.

The platform, called France Titres, is where many people in France apply online for passports, national ID cards, and vehicle registration documents. Officials say passwords and uploaded documents weren’t accessed, but leaked login identifiers and birthdates are more than enough to supercharge targeted scams.

The shutdown began April 24 at 7:30 p.m. local time, with the government publicly labeling it “maintenance” while it tightens security. For users, the result is blunt: no logging in, no tracking applications, and no online paperwork for a service many rely on for everyday life.

A “maintenance” screen masks a major breach

France Titres, formerly known as ANTS, the national agency that issues secure documents, has displayed a maintenance page since the evening of April 24. The French Interior Ministry, which oversees domestic security and national ID systems, said it pulled the portal offline to reinforce protections after an incident first detected April 15.

In practice, it’s a full-blown cyberattack that forced the government to hit the kill switch on a national service. That matters because the site isn’t a niche tool; it’s the digital front door for core documents, the French equivalent of a combined DMV-and-passport-application hub.

When a system like that goes dark, it doesn’t just inconvenience people, it freezes time-sensitive tasks. Think passport renewals ahead of travel, or vehicle paperwork needed to sell a car.

What was exposed: emails, phone numbers, names, and birthdates

French authorities say the leaked information includes account “identification” data: login identifiers (often an email address or phone number), honorifics, first and last names, email addresses, dates of birth, and a unique account ID. Depending on the user profile, the dataset may also include mailing addresses, place of birth, and phone numbers.

For professionals using the system, some business authorization details may be included as well, along with a French company identifier (similar in function to a U.S. Employer Identification Number used to uniquely identify an organization).

Officials insist the attackers didnotaccess passwords, uploaded supporting documents (like photos and proof-of-address files), or biometric data. That narrows the worst-case scenarios, but it doesn’t eliminate risk. A real name paired with a real birthdate and email address can make a phishing message feel frighteningly legitimate.

Why the leak could fuel a wave of convincing scams

Cybersecurity experts warn that this is the kind of breach that doesn’t need stolen passwords to cause damage. A scam text that says, “Your passport application is blocked, verify your identity now,” becomes far more persuasive when it includes accurate personal details.

Even without direct access to France Titres accounts, criminals can use leaked emails to attempt password resets on other services, or run phone-based fraud campaigns that sound official. The pressure is even higher because the real site is down, making it easier for fake “support” messages to lure frustrated users.

French officials say the stolen data has been spotted on illegal resale channels, suggesting an organized operation designed to package and monetize the information over time.

Government emails are going out, while scammers try to impersonate them

France Titres has begun contacting affected users directly. But the irony is brutal: after a breach, even legitimate warning emails can look like scams, and criminals often exploit that confusion.

The agency’s message to the public is straightforward: do not share personal information in response to emails, calls, or texts claiming to be from the government. Be especially suspicious of messages that push urgency, “within the hour,” “final notice,” “your file will be deleted”, or demand a payment or an SMS verification code.

The safest move, experts say, is to avoid clicking links in unsolicited messages and instead navigate to the official site yourself once service is restored, or use established government contact channels.

Police investigation launched as regulators and inspectors move in

The case has been referred to prosecutors in Paris under a legal mechanism that requires French officials to report suspected crimes. The investigation has been assigned to OFAC, France’s anti-cybercrime office, roughly comparable to a specialized federal cyber unit in the U.S. law-enforcement ecosystem.

Separately, the Interior Ministry has asked the Inspectorate General of the Administration, an internal watchdog, to review what happened and how the response was handled. France’s privacy regulator, the CNIL (similar in role to a data-protection authority, though the U.S. lacks a single national equivalent), has also been notified.

Cybersecurity specialists have criticized the government’s public language as too vague, terms like “incident” and “maintenance” can reduce panic, but they can also leave a vacuum that scammers fill with their own narrative.

France Titres is the latest high-value target in a string of public-sector hacks

The breach fits a broader pattern: centralized government platforms are magnets for attackers because they concentrate sensitive data at massive scale. French officials have dealt with other recent incidents involving France Travail (the country’s national employment agency) and Service-Public.fr, a major government information portal.

And when millions of people depend on one digital system, even a single compromised account, vendor weakness, or human error can cascade into a national problem.

For now, the practical impact is delays and uncertainty for users, and a ripe environment for fraud. The longer the portal stays offline, the more opportunities criminals have to exploit confusion with messages that sound official and feel plausible.