GoKawiilFrench authorities have detained a 15-year-old suspected of selling data stolen in a cyberattack on France Titres (ANTS), the country’s agency for issuing and managing administrative documents.
The government agency confirmed the breach and the authenticity of the data offered for sale on a cybercriminal forum by someone using the alias ‘breach3d’.
On April 13, ANTS detected suspicious activity on its network and notified authorities a few days later, on April 16, the Paris Prosecutor’s Office said.
Following an investigation, the authorities believe that the suspected 15-year-old used the moniker ‘breach3d’ to offer for sale between 12 and 18 million records stolen in the ANTS data breach.
The minor faces charges for unauthorized access, persistence, and data exfiltration from a state-run automated personal data processing system, as well as for possession of software that enables the offenses.
The offenses carry a maximum sentence of seven years in prison and a fine of EUR 300,000, the Paris Prosecutor’s Office notes in a press release.
A judge is now overseeing the case. Based on the evidence found, prosecutors are seeking formal charges and have requested that the minor be placed under judicial supervision.
Personal information exposed
On April 20, ANTS disclosed that a threat actor breached its systems and accessed data from individual and professional accounts on the ants.gouv.fr portal.
The government agency determined that among the affected data types were full names, email addresses, dates of birth, postal addresses, and phone numbers.
... continue reading