Breach3d

breach3d is a threat actor moniker associated with claims of responsibility for a 2026 data breach affecting France Titres / Agence nationale des titres sécurisés (ANTS), a French government agency under the Ministry of the Interior that manages official identity and registration documents. On April 16, 2026, breach3d was reported to have claimed the attack on hacker forums and to have offered allegedly stolen ANTS data for sale. The actor claimed to possess between 18 million and 19 million records. Reported claimed data fields included login IDs, names, email addresses, dates of birth, unique account identifiers, and in some cases postal addresses, places of birth, phone numbers, gender, civil status, professional status, and government-verification status. Supporting content also names EvilDump and ExtaseHunters as collaborators in the alleged ANTS breach, with one report stating EvilDump made the sale post and credited ExtaseHunters and Breach3d as collaborators. The content characterizes the activity as sale of stolen data on hacker forums/open web with pricing via direct message and acceptance of escrow or middleman services. ATT&CK mappings mentioned in the content for the alleged intrusion and follow-on activity are T1190 (Exploit Public-Facing Application), T1213 (Data from Information Repositories), T1567 (Exfiltration Over Web Service), and potential downstream abuse via T1078 (Valid Accounts) and T1657 (Financial Theft). The record-count claims and full scope of the theft were not publicly confirmed by ANTS in the cited reporting.