SecondFi Confirms Cardano Wallet Security Incident, Estimates Impact at 16M ADA

SecondFi has confirmed a security incident affecting part of its Cardano wallet platform and said the root cause has been isolated. According to the company’s official update, the issue was tied to its native Cardano web wallet generation software, while the platform remains in secure maintenance mode during the response process. The company said its current estimate of the total impact is approximately 16 million ADA.

SecondFi Says Cardano Web Wallet Software Was Affected

SecondFi said the incident was limited to its native Cardano web wallet generation software and that the root cause has been isolated. The company also said it has completed on-chain analysis to determine the scope of the incident and is finalizing an independent technical review with a blockchain security firm.

The current official estimate places the total impact at approximately 16 million ADA. SecondFi said it has taken a full snapshot of balances and is continuing its operational response while the platform remains in secure maintenance mode. During that period, front-end interactions through the platform have been paused.

SecondFi also said it is coordinating with Input Output, Cardano Foundation, Intersect and SundaeSwap as part of the response. The company described the coordination as focused on exchange touchpoints, protocol exposure and support for affected users.

Yoroi Rebrand Adds Wider Cardano Wallet Context

The incident has wider relevance because SecondFi is the successor to Yoroi Wallet, one of Cardano’s most recognized wallet products. EMURGO previously announced that Yoroi Wallet was evolving into SecondFi, a self-custody neofinance platform designed for spending, sending, staking and asset management.

Cardano.org also described the move as a rebrand of Yoroi Wallet into SecondFi, while noting that the Yoroi brand would continue separately as a DRep identity for governance participation. That places the incident inside a broader product transition, from a traditional Cardano wallet experience toward a wider self-custody financial application.

Unofficial claims on X have suggested a much larger possible figure, including references to 130 million ADA. SecondFi has not confirmed that number in its official updates. Based on the company’s current public communication, the confirmed estimate remains approximately 16 million ADA, while higher figures should be treated as unverified unless supported by a public on-chain report or an additional official statement.

SecondFi Warns Users About Scam Support Accounts

SecondFi warned users about fake support accounts and impersonators attempting to exploit the incident. The company said official team members will never contact users first through direct messages, ask for a seed phrase or request a transfer of funds.

The company said official support is handled only through logged tickets on the official SecondFi website. Users are being directed away from private messages, recovery links and unofficial support channels, which are common attack paths during wallet security incidents.

The next updates are expected to define the final scope of affected wallets, the status of any native tokens or NFTs involved, the results of the independent technical review and the reimbursement process for impacted users. Until those details are published, the confirmed public figure remains SecondFi’s estimate of approximately 16 million ADA, while the 130 million ADA figure remains an unverified community claim.