SecondFi targets two-week recovery after Cardano wallet exploit
SecondFi says it has identified a recovery path for users affected by Tuesday’s Cardano wallet exploit and expects to start returning assets in about two weeks, after building the fix and completing testing and security reviews. CEO Phillip Pon said the recovery plan is based on current wallet states, so users should not migrate assets or take any actions outside official instructions. The breach affected about 16 million ADA across 374 addresses and was traced to an address-level issue in the Cardano web wallet generation software that exposed private keys. SecondFi also secured about 129 million ADA through emergency measures and moved it to an independent custodian until verification is complete. SecondFi has not yet released a full post-mortem. It also warned that scammers are sending fake recovery messages and said it will never ask for private keys, seed phrases, credentials, or direct wallet access.
