French cryptocurrency tax-reporting firm Waltio has become the target of an extortion attempt following a significant data breach. The company announced on , that it had filed a formal police complaint after hackers who accessed user data demanded a ransom. According to reports from French newspaper Le Parisien, the breach may affect nearly 50,000 of the company’s clients.
In a public statement, Waltio confirmed it was the recipient of an extortion attempt that appears to be linked to a recent system intrusion. The company stated it filed a complaint for attempted extortion and an attack on an automated data processing system.
The firm described the incident as stemming from what seems to be a particularly sophisticated and targeted attack.
The attackers are threatening to sell the compromised user data if their ransom demands are not met.
The compromised information reportedly includes sensitive personal data. According to Le Parisien, the exposed data consists of users’ full names, email addresses, phone numbers, and the total number of cryptocurrency transactions they have conducted. This information could be used by malicious actors to craft highly convincing phishing campaigns or other targeted scams. However, initial reports suggest that more critical data, such as API keys for exchanges and private wallet addresses, were not compromised in the breach, limiting the risk of direct theft of user funds from the breach itself.
The attackers’ primary motivation appears to be financial. By stealing sensitive user data from a company operating in the financial technology sector, they have created leverage for an extortion plot. The threat to release or sell the data of nearly 50,000 individuals places significant pressure on Waltio to comply with the ransom demand to protect its clients and its reputation. This tactic is a common strategy in ransomware and data extortion schemes, where the value of the stolen data is used to extract payment from the victim organization.
Several key details about the incident remain undisclosed. The specific amount of the ransom demanded by the hackers has not been made public. Furthermore, Waltio has not provided technical details about the security vulnerability that was exploited or the exact date the breach occurred. The identity of the hacking group behind the attack is also currently unknown.
Waltio has stated it is cooperating with the relevant authorities in the ongoing investigation. For affected users, the immediate future holds an increased risk of being targeted by scammers. With their names, contact details, and crypto transaction history exposed, they are prime targets for sophisticated phishing attacks that could attempt to trick them into revealing private keys or login credentials for other platforms.
Clients of Waltio and other cryptocurrency service users should take precautionary steps to secure their accounts. It is critical to be extremely vigilant for unsolicited emails, text messages, or phone calls claiming to be from Waltio or other financial institutions. Users should enable two-factor authentication on all their exchange and financial accounts. Most importantly, never share private keys, seed phrases, or passwords in response to any communication.
Follow us on Bluesky , LinkedIn , and X to Get Instant Updates
