Cardano Wallet SecondFi Suffers Potential $20 Million Loss After Security Breach

Highlights:

• The SecondFi security breach may have exposed more than 129 million ADA, far above the project’s initial estimate.
• SecondFi warned users not to restore their recovery phrases into another Cardano wallet after the incident.
• Users are waiting for audit findings, compensation details, and a final report on the wallet software flaw.

SecondFi, a Cardano ecosystem wallet project, has traced a recent security incident to its native Cardano web wallet generation software. The project disclosed the incident on June 23 and suspended services connected to the affected wallet software. It also entered maintenance mode while investigators reviewed the incident.

Advertisement

🚨MASSIVE EXPLOIT IN CARDANO PROJECT DRAINS OVER $20 MILLION

Cardano ecosystem project SecondFi has suffered a major exploit after a flaw in its wallet generation software allowed attackers to drain user funds.

Security firm SlowMist says the total damage may exceed $20… pic.twitter.com/q7zdmE0NTz

— Coin Bureau (@coinbureau) June 24, 2026

The project said the issue remained confined to its native Cardano web wallet generation software. SecondFi began a technical review to determine how many wallets the flaw affected and how much users lost.

SecondFi also froze balances and captured a snapshot of user accounts. The project said the balance snapshot could help verify user holdings if it launches a recovery program. Investigators also reviewed suspicious transactions that moved funds from affected wallets between June 21 and June 22.

SecondFi hired an independent blockchain security firm to verify the cause of the incident and measure its impact. The project said the independent review will help confirm both the scope and cause of the incident. The project also said it would publish new updates after investigators confirm additional findings.

SecondFi Security Breach May Have Exposed Larger ADA Losses

SecondFi’s initial review found about 178 wallets that attackers accessed through the compromised software. The project estimated that attackers stole about 16 million ADA from affected wallets during the incident. The 16 million ADA estimate equals roughly $2.4 million at current market prices.

How SecondFi's wallet bug led to millions in stolen $ADA:

– SecondFi is Cardano's self custody wallet built by EMURGO

– hackers exploit a flaw in its wallet generation system

– bug compromises private keys during wallet creation

– attackers don't need phishing or wallet… pic.twitter.com/EOTLZl9jAN

— Param (@Param_eth) June 24, 2026

Attackers removed ADA, other Cardano-based tokens, and NFTs from compromised user wallets. However, security researchers believe the total damage may extend far beyond SecondFi’s preliminary estimate. Security researchers began reviewing on-chain data after SecondFi published its initial findings.

SlowMist founder Cos said the project’s early estimate may understate total losses. In an X post, Cos said user losses could exceed $20 million if investigators confirm suspected attacker wallets. The founder said attackers may have exposed more than 129 million ADA, along with other digital assets.

我对 Cardano 生态其实挺陌生的，昨晚围观了一晚，但如果以下都是黑客地址（从行为上应该是）：

addr1q8g8cgwqw98q2mrzrwgcy3wectdxwem8a8zp9r2mn6wjy7q4x7gcpv39wwurj7n72akw4kd0dgmv72gz4j92fvhn29ss7vuz99… https://t.co/gFxun3Wfdo

— Cos(余弦)😶‍🌫️ (@evilcos) June 24, 2026

Cos tracked two Cardano addresses that he believes may connect to the attackers behind the incident. Cos said transaction records suggest attackers gained access to multiple wallet credentials. He also said transaction records suggest attackers obtained batches of mnemonic phrases or private keys before moving funds. According to Cos, attackers moved funds gradually over many hours.

Users Await Audit Findings and Recovery Details

SecondFi has not released a final technical report explaining how attackers accessed users’ wallets. The project has not announced compensation terms for users who lost ADA, tokens, or NFTs. Affected users continue waiting for audit findings, compensation details, and recovery guidance.

SecondFi said it would release additional information after the independent review confirms the cause and scope of the incident. However, the project has not provided a timeline for discussions on compensation or reimbursement. As a result, uncertainty continues across the affected user base.

Security experts warned users not to reuse recovery phrases generated through the affected wallet software. Users remain at risk if they import compromised recovery phrases into another wallet application. Instead, experts advised users to create entirely new wallets and move assets immediately.

Cardano founder Charles Hoskinson also addressed the incident after reports suggested losses could exceed $20 million. He said the amount of ADA involved may not appear large when compared with other major crypto hacks. However, he said, affected users view the losses differently. “This is the unfortunate reality of crypto,” Hoskinson said. He added that some users may have lost all of their ADA holdings. “It hurts them whenever they lose anything,” Hoskinson said.

🔥HOSKINSON ON THE $20M CARDANO PROJ EXPLOIT: “THIS IS THE UNFORTUNATE REALITY OF CRYPTO”

Charles Hoskinson says the amount of $ADA lost may not seem huge compared to other crypto hacks.

But he stressed that this brings no comfort to users who may have lost "ALL their ADA."… https://t.co/pOv2MBgTFO pic.twitter.com/QnpeahYNdX

— Coin Bureau (@coinbureau) June 24, 2026

Advertisement