Hacker Breaches ANTS Portal via IDOR, Proving Government Systems Vulnerable
An IDOR access‑control flaw allowed a hacker to infiltrate France’s ANTS portal, which issues IDs, passports and driver’s licences, exposing up to 19 million citizens’ personal data—including names, addresses, birth details and authentication credentials—as the attacker claimed the breach was merely to demonstrate governmental vulnerability.
France’s ANTS portal, which issues national identity cards, passports and driver’s licences, was confirmed to have been breached, exposing personal information of up to 19 million citizens. Leaked data includes names, email addresses, home addresses, dates and places of birth, phone numbers and authentication credentials.
The attacker publicly stated that the intrusion was not motivated by financial gain but solely to demonstrate how easily a government system can be compromised. The breach was carried out through an IDOR (Insecure Direct Object Reference) access‑control vulnerability.
Approximately 80 GB of data—comprising passwords, source code, server logs and the aforementioned personal identity information—was exfiltrated. Sample data has been released, illustrating the extent of the compromise.
Black & White Path
We are the beacon of the cyber world, a stepping stone on the road to security.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.