According to EMURGO's incident report released on June 25, the Cardano-based wallet service SecondFi will cease operations permanently following a security breach on June 22. The wallet, a rebranded version of Yoroi and described by EMURGO as Cardano's largest wallet provider, will not resume normal operations even after security audits are completed. The hack compromised 374 addresses, resulting in the theft of approximately 16 million ADA (worth roughly $2.4 million at the time). EMURGO also secured around 129 million ADA through emergency measures.
EMURGO stated that compromised wallets at the address and private key level should be considered permanently exposed, and recovering seed phrases to other wallets cannot eliminate the risk. The team plans to roll out an isolation wallet state checking tool this week, followed by security export tools and an offline migration workshop in Tokyo. EMURGO is also establishing a dedicated recovery fund pending external audit completion to reimburse affected users.