SecondFi, a wallet used within the Cardano ecosystem, has unveiled a recovery plan for users affected by Tuesday’s security breach. Emurgo, the wallet’s developer, announced that forensic investigations have been completed and that a roadmap for returning assets to users has been established.
Asset return process to proceed in two phases
Phillip Pon, CEO of Emurgo, stated that the technical solution will be built in the coming week, followed by a week of testing and security checks. If the announced timeline remains on track, asset reimbursements for affected users are expected to begin in approximately two weeks.
Phillip Pon confirmed that forensic analysis had been finalized, a recovery pathway determined for impacted users, and that returns would begin once development and testing phases are complete.
Pon also warned users to avoid taking any independent action outside of official guidance. The company’s recovery process has been designed according to the current wallet states, so transferring assets or performing unauthorized transactions could jeopardize the secure return of funds.
Breach impacted 374 addresses
SecondFi disclosed that the exploit, which was announced on Tuesday, affected around 16 million ADA. At the time, this amount was worth roughly $2.4 million. The company reported that the incident impacted 374 addresses and stemmed from a vulnerability at the address level within Cardano’s web wallet generation software.
Emurgo is recognized as a long-standing participant in the Cardano ecosystem, leading both infrastructure and product development efforts.
The company had previously stated that this vulnerability resulted in the exposure of several users’ private keys. However, a comprehensive post-incident report detailing technical specifics and the full nature of the attack has not yet been released.
Emergency measures and scam alert issued
As part of emergency actions, SecondFi reported that it has secured approximately 129 million ADA. These funds have been transferred to an independent third-party custodian and will be held there until the verification and recovery process is complete.
| Item | Details |
|---|---|
| Amount affected | 16 million ADA |
| Estimated value | $2.4 million |
| Number of addresses affected | 374 |
| Secured assets | 129 million ADA |
In a separate update, the company warned of phishing attempts circulating during the recovery process, featuring fake messages impersonating the wallet. SecondFi emphasized that no user actions are required for the recovery process at this time.
The company made it clear that it will never, under any circumstances, request private keys, seed phrases, wallet information, or direct wallet access from users.
SecondFi advised users to treat any requests for wallet data, asset transfers, or urgent actions via unofficial channels as scams. Users in need of support are instructed to submit requests only through the official support portal as the process unfolds.
