EMURGO-backed wallet provider SecondFi is facing growing scrutiny after a major security breach, as new analysis indicates that losses suffered by Cardano users may be significantly higher than initially reported.
While the company previously estimated that the attack resulted in the theft of 16 million ADA, blockchain investigators now believe the total impact exceeds 129 million ADA and other tokens.
It is worth noting that SecondFi was previously known as Yoroi Wallet, the first Cardano light wallet launched in 2018 by EMURGO, one of Cardano’s founding entities. In April 2026, EMURGO rebranded Yoroi as SecondFi and expanded it from a single-chain Cardano light wallet into a comprehensive “neo-finance” application.
Security Researchers Suggest Losses Are Much Higher
Earlier this week, SecondFi, a web wallet backed by Cardano founding entity EMURGO, disclosed a devastating security incident that led to the loss of millions of ADA from user accounts.
According to the project’s preliminary findings, attackers exploited a vulnerability in its proprietary wallet-generation software, enabling them to steal approximately 16 million ADA. At the time of the report, the stolen funds were valued at around $2.4 million.
However, fresh analysis indicates that the actual scale of the breach could be significantly larger.
Yu Xian, also known as Cosine and founder of blockchain security firm SlowMist, examined fund movements linked to wallets suspected of being controlled by the attacker. Based on the observed transactions, he suggested that total user losses may have surpassed $20 million.
In a post on X, Cosine noted that more than 129 million ADA, along with several other tokens, appeared to have flowed through addresses associated with the exploit.
Cardano Community Voices Concern
The incident has triggered widespread concern across the Cardano community. Many members criticized both the security failure and its broader implications for ecosystem governance.
Community member David described the breach as alarming because users lost funds without signing transactions. He also pointed to the fact that SecondFi controls one of the largest DRep delegations in Cardano’s governance system, arguing that the incident raises serious concerns about decentralization and trust.
Meanwhile, community member Dori labeled the breach one of the most severe incidents the ecosystem has experienced. According to Dori, the fact that a wallet associated with a Cardano founding organization was compromised makes the event especially damaging to the network’s reputation.
Analyst Clarifies Cardano Blockchain Was Not Compromised
Despite the growing criticism, some ecosystem participants have stressed that the incident should not be interpreted as a failure of the Cardano blockchain itself.
Crypto analyst Dan Gambardello pushed back against claims that Cardano had been hacked, emphasizing that the vulnerability originated within SecondFi’s wallet software rather than the blockchain network.
Gambardello noted that the issue is tied to the wallet’s key-generation process, not to any flaw in Cardano’s core infrastructure, consensus mechanism, or protocol security.
Blink Labs Urges Users to Assume Wallets Are Compromised
Meanwhile, Cardano infrastructure provider Blink Labs issued a precautionary warning to users who previously created wallets through the SecondFi application.
The company advised affected users to generate a new wallet using trusted software obtained from official sources, transfer all assets to the newly created wallet, and select a new stake pool and DRep delegation.
Blink Labs further stressed that users should treat their existing SecondFi-generated wallets as compromised until investigators determine the full scope of the incident. However, SecondFi has urged users not to restore their recovery phrases into other Cardano wallets.
Instead, the company advised affected users to submit support tickets and wait for official instructions while the investigation remains ongoing. According to SecondFi, additional guidance will be provided once the independent security review is completed and the exact nature of the vulnerability is fully understood.
There has been conflicting advice from different community members in an attempt to be helpful.
⚠️ DO NOT RESTORE your recovery phrase into a new Cardano wallet.
As advised, do nothing until official steps come from SecondFi. The only thing you should do is submit a ticket at…
— SecondFi (@secondfiapp) June 24, 2026
DisClamier: This content is informational and should not be considered financial advice. The views expressed in this article may include the author’s personal opinions and do not reflect The Crypto Basic opinion. Readers are encouraged to do thorough research before making any investment decisions. The Crypto Basic is not responsible for any financial losses.
Bitcoin 
Ethereum 
Tether 
BNB 
USDC 
XRP 
Solana 
TRON 
Lido Staked Ether 
Figure Heloc 