3 Minutes
SecondFi outlines two-week recovery plan after ADA breach
SecondFi, a Cardano web-wallet provider, has announced a structured recovery process to return assets affected by a recent security incident. Following digital forensics and internal security reviews, SecondFi says it has identified the path to restore user funds and intends to begin repaying victims within roughly two weeks.
Final snapshot and staged recovery timeline
Philip Poon, CEO of Emurgo, confirmed the company completed its technical and security investigations and created a final snapshot of wallet states. According to the announced timeline, the team will first build the necessary recovery infrastructure over the next week. A second week is allocated to rigorous testing and additional security verification before any refunds are processed. This staged approach aims to ensure a controlled, secure recovery of ADA balances on the Cardano blockchain.
Scope of the incident and root cause
SecondFi previously reported that approximately 16 million ADA—about $2.4 million—was compromised across 374 addresses. The breach was traced to a flaw in address generation within the Cardano web wallet software that led to exposure of some users' private keys. In response, SecondFi said it moved about 129 million ADA to an independent custodian so those funds remain protected while investigations continue.
User guidance and phishing warnings
The company strongly urges affected users to follow only official instructions and to avoid moving funds or responding to unsolicited messages. SecondFi warns that fraudulent communications and phishing attempts will likely surface during the recovery process. The platform reiterated that it will never request private keys or other sensitive credentials in any official correspondence.
What this means for Cardano users and the wider crypto community
The incident highlights ongoing risks around wallet security and private key management. Cardano users should review their wallet practices, enable recommended security measures, and wait for official recovery steps from SecondFi and Emurgo. The transparent timeline and custody of unaffected ADA aim to restore trust while the team completes audits and repayment procedures.
Leave a Comment