French crypto tax firm Waltio is being extorted by crypto hacking collective ShinyHunters, which claims to have stolen the non-public particulars of virtually 50,000 customers and is now threatening to leak them.
Native media studies that Waltio, which calculates taxes due for crypto holders, has filed a authorized grievance with the cybercrime unit of France’s Public Prosecution workplace for tried extortion and the assault on its information methods.
Ce vendredi matin, nous avons déposé plainte pour tentative d’extorsion et atteinte à un système de traitement automatisé de données.
Le 21 janvier 2026, nous avons été destinataire d’une tentative d’extorsion. Celle-ci semble faire suite à une attaque particulièrement…
— Waltio (@Get_Waltio) January 23, 2026
A press release from Waltio was uploaded to X yesterday.
ShinyHunters was in a position to present Waltio with a pattern of the stolen information, however Le Parisian studies that banking, tax, and administrative information wasn’t included.
Waltio claimed in a safety replace that, “Our investigations show that this was not an active intrusion on our current production infrastructure; Waltio services are functioning normally, and user accounts and the production infrastructure are secure.”
It didn’t reveal what precisely led to the leak, and Waltio pressured that “no data allowing access to your crypto assets has been compromised.”
Earlier ShinyHunters assaults have seen it extort telecommunications big AT&T out of six bitcoins value $373,000, threaten to launch information stolen from Ticketmaster, and goal plenty of main Indian crypto exchanges.
The group works by extracting giant quantities of knowledge earlier than demanding a crypto ransom for its return.
Crypto customers have change into more and more frightened in regards to the danger of bodily assaults, often called “wrench attacks,” and plenty of frequent crypto-related kidnappings in France helped gasoline this panic.
Leaks similar to Waltio’s, in addition to these impacting bigger crypto firms similar to Coinbase and Ledger, can expose the main points of customers to on-line felony markets the place would-be kidnappers can purchase that information and use it to focus on people.
It additionally exposes customers to potential social engineering makes an attempt, whereby criminals try and cross themselves off as an authority determine to trick victims into giving up key login credentials.
Waltio additionally warned any impacted customers that the “main risk” following this hack is “targeted fraud: phishing, phone calls, SMS messages, and impersonation of customer service representatives.”
