The French government has announced the allocation of €200 million for cybersecurity measures following a major cyberattack on a national system that resulted in the theft of personal data belonging to millions of citizens.
The attack was discovered on April 15, 2026, and affected the France Titres portal — the government agency responsible for issuing and managing identity cards, passports, driving licences, and other official documents. Hackers gained unauthorised access to the database, stealing personal information including names, dates and places of birth, postal and email addresses, and phone numbers. According to the hackers, who listed the information for sale on the Dark Web, the breach may have affected up to 19 million records — roughly one third of the country’s population.
The government promptly confirmed the incident and launched an investigation. Authorities emphasise that biometric data and the documents themselves uploaded to the portal were not compromised; however, the leak of contact and identification details has already raised serious concerns about potential phishing attacks and identity theft.
“The problem of data breaches is becoming systemic. We can no longer afford such vulnerabilities in critical government systems,” officials stated.
In response, French authorities decided to allocate €200 million for a comprehensive set of measures: upgrading security systems, deploying advanced intrusion detection technologies, training specialists, and conducting security audits of other government platforms. A portion of the funds will go towards assisting affected citizens, including notifications and data protection guidance.
This move is part of France’s broader strategy to strengthen digital sovereignty amid growing cyber threats from both criminal groups and state actors.
Experts note that the France Titres incident is not the first major data breach in French government structures in recent times. It has once again raised questions about the risks of centralised storage of large volumes of personal data and the need for accelerated digitalisation accompanied by improved security standards.
Citizens whose data may have been compromised are advised to remain vigilant: change passwords, enable two-factor authentication, and treat suspicious messages with caution.