On January 21, 2026, Waltio was targeted by a sophisticated attack, with threats to disclose user data and a sample provided to verify its authenticity.
The incident triggered an immediate mobilization of the technical team, legal advisors, and external experts to analyze the situation and secure the systems.
What happened?
Investigations indicate there was no intrusion into production infrastructure. All Waltio services are functioning normally, and user accounts and crypto assets remain secure.
The breach only affects data related to 2024 tax reports, finalized as of December 31, 2024.
Which data was exposed?
Potentially exposed information includes:
- User email addresses
- Aggregated data from 2024 tax reports: gains, losses, and balances as of December 31, 2024
For some users, only incomplete reports were exposed: number of accounts, number of transactions… without detailed gains or losses.
Which data was NOT affected?
No information allowing access to your crypto assets was compromised.
Data that was not affected includes:
- Passwords
- Exchange API keys
- Wallet addresses
- Detailed transaction history
- Funds and crypto-assets
- Banking information (IBAN, credit cards)
Waltio only holds your email and does not request any personally identifying information.
Risks for users
The main risk from this incident is phishing and social engineering. Attackers may use contextual data to attempt scams.
Key points to remember:
- Waltio will never ask you to transfer funds to "secure" them
- Waltio will never contact you by phone, SMS, or postal mail
- Be cautious with urgent or suspicious messages
Immediate measures recommended
To protect your personal information and reduce the risk of scams:
- Change the email address used for crypto services. Ideally: a dedicated email, without your name, used only for crypto services
- Check if your email or phone number is exposed in other public leaks
- Be extremely cautious with incoming calls. Never call back unknown numbers provided by unsolicited contacts
- Reduce your digital footprint and limit personal information visible online
- Avoid public exposure of your crypto holdings
- Separate personal identity from crypto activities
These best practices are recommended for everyone, regardless of this incident.
You can also check if your data has been exposed here:
https://bonjourlafuite.eu.org/
As well as on Waltio's official site: https://www.waltio.com/blog/news/security-notice-january-23rd/
Waltio's actions
- In-depth technical investigations
- Full review of historical configurations
- External cybersecurity experts engaged
- Continuous reinforcement of security controls
- Direct communication to potentially affected users
- Notification to CNIL
- Filing a complaint and cooperating with authorities
Conclusion
This breach does not affect your funds or keys. The primary risk is social and contextual.
Stay vigilant, follow our security advice, and use the verification link to check if you are impacted.
💡 Exceefy always recommends securing your crypto assets and checking your emails to prevent phishing.
