Cryptotoolbox
by ukicrypto-explained

SecondFi Security Incident — What Cardano Users Need to Know

SecondFi identified a security issue affecting a small number of Cardano wallets. Here's what happened, who may be affected, and what steps to take.

On June 23, 2026, SecondFi — the neofinance platform that recently succeeded the Yoroi wallet — announced that it had identified a security issue affecting a small number of Cardano wallets. The app was placed into maintenance mode, and some interactions were paused while the engineering team works on a full recovery.

If you hold ADA or Cardano-native tokens, here's a clear breakdown of what happened, how to think about whether you're affected, and what to do about it.

What happened

SecondFi's official X account posted the following:

"We identified a security issue impacting a small number of Cardano wallets on our platform. We have contained the issue and paused the affected functions. Our engineering teams are actively working to restore full functionality to the platform."

The app was subsequently placed into temporary maintenance mode. The team also warned users to watch out for fake support accounts and impersonators attempting to exploit the situation.

SecondFi's announcement describes this as a platform-level issue — the affected functions were paused on their app. There is no official indication that the Cardano network itself was paused or affected.

What this is NOT

It's important to understand what this incident does not appear to be — though SecondFi has not yet disclosed the root cause, so some caution is warranted:

  • SecondFi's announcement does not describe this as a Cardano blockchain, staking, or consensus-layer issue. The announcement refers to "affected functions" on the SecondFi platform only. No chain-level vulnerability has been reported.
  • There is no official indication that other Cardano wallet apps are involved. Wallets like Eternl, VESPR, Lace, Typhon, Nami, and Flint are not mentioned in SecondFi's announcement. However, if you ever used or restored the same wallet seed in SecondFi/Yoroi after the update, that wallet — regardless of which app you open it with today — could be at risk.
  • Hardware-wallet users are less likely to have private-key exposure because keys normally remain on the device and never touch the app. That said, the root cause has not been published, and a hardware user who signed a malicious transaction through SecondFi/Yoroi after the update could still have been affected — the safest assumption is to treat any SecondFi/Yoroi wallet as potentially compromised.

Who may be affected

SecondFi described the issue as impacting "a small number" of wallets, and has not yet published the technical root cause or the specific conditions that expose a wallet. The safest precaution:

If you used the SecondFi app (or the Yoroi app after it was updated to SecondFi) and generated any transaction after the Yoroi-to-SecondFi transition and before or around the June 23 maintenance announcement — sending ADA, staking delegation, governance voting, DRep delegation, swaps, or any on-chain action that paid a fee — treat that wallet as potentially at risk.

Heads up: We don't yet know exactly which transactions or conditions triggered the vulnerability — SecondFi hasn't disclosed that level of detail. The recommendation below is a best-practice precaution, not a confirmed list of affected actions.

What "at risk" means

If the vulnerability involved private-key or signing-path exposure, an attacker could potentially drain the wallet even while the SecondFi app itself is in maintenance mode — they don't need the app's frontend to construct transactions. Do not assume that maintenance mode alone protects an at-risk wallet.

Who is likely NOT affected

You are likely not affected by this incident if:

  • You never used SecondFi/Yoroi after the update, and never restored an existing wallet seed into SecondFi/Yoroi.
  • You exclusively use a hardware wallet (Ledger / Trezor) and the device was never used to sign transactions through SecondFi/Yoroi after the update. Hardware-wallet users are less likely to have private-key exposure, because private keys normally stay on the device, but you should still review any transaction you signed through SecondFi/Yoroi — the safest approach is to treat the wallet as potentially compromised if you signed any transaction there.
  • You use Eternl, VESPR, Lace, Typhon, or another Cardano wallet and the wallet/seed was never touched by SecondFi/Yoroi after the update.

The key question is whether that specific wallet or seed phrase was ever used in SecondFi/Yoroi after the SecondFi transition — the app name you use today is irrelevant.

What to do if you may be affected

If you transacted from SecondFi/Yoroi after the update, here's the recommended action plan:

Step 1: Create a new wallet in a different app

Use a well-known Cardano wallet listed in Cardano's wallet finder, such as Eternl or VESPR, after verifying you are using the official app or site. These wallets are not named in SecondFi's incident announcement.

Step 2: Back up your new recovery phrase

Write down the recovery phrase exactly as shown by the wallet — on paper only. No screenshots, no cloud storage, no digital copies. Store it securely offline.

Step 3: Transfer your funds — from another wallet app if possible

Because SecondFi is in maintenance mode, you may not be able to send transactions from the SecondFi frontend right now. However, if your wallet uses a standard Cardano seed phrase, you may be able to restore it in another trusted Cardano wallet (like Eternl or VESPR) using your recovery phrase and move your funds without waiting for SecondFi's frontend to come back.

If you can safely restore the wallet in a different trusted app:

  • Send a small test transaction first to confirm everything works.
  • Then transfer your remaining ADA and Cardano-native tokens to your new wallet address.

If you cannot restore the wallet in another app, or you're unsure how to do so safely, follow SecondFi's official guidance and wait for them to restore functionality — and beware of fake support accounts.

Step 4: Re-delegate staking (if applicable)

If you were staking ADA, re-delegate to your chosen stake pool from the new wallet.

Step 5: Stop using the old wallet

Do not use your old SecondFi/Yoroi wallet for any new transactions. Treat it as retired.

If you can't access your funds right now

If you're unable to restore the wallet in another app and must wait for SecondFi's frontend:

  • Wait for SecondFi to restore functionality — they have stated they are working on a fix.
  • Monitor your wallet address using a read-only blockchain explorer. If an unexpected outgoing transaction appears, the wallet is actively compromised.
  • Do not respond to DMs from anyone claiming to be "support" who offers to help you move funds. These are almost certainly scammers.
  • Once the app is operational again, proceed immediately with steps 1–5 above.
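
As an added example (not part of the original article, and not SecondFi or explorer tooling), the monitoring check above can be automated over transaction data exported from a read-only explorer. The record layout, field names, addresses and amounts are constructed assumptions: a transaction counts as outgoing when it spends a UTXO held by one of the wallet's addresses, and as unexpected when its ID is not one you made yourself.

```python
from dataclasses import dataclass

# Constructed sample data. Field names ("id", "inputs", "outputs", "address",
# "lovelace", "reference") are assumptions for this example; map them from
# whatever your read-only explorer exports. Addresses are placeholders.
WALLET = {"addr_test1_mine_a", "addr_test1_mine_b"}  # a wallet has several addresses
KNOWN_TX_IDS = {"tx-0001"}                            # transactions you made yourself
SAMPLE_TXS = [
    {"id": "tx-0001",  # your own send: 10 ADA spent, 3 ADA change returned
     "inputs": [{"address": "addr_test1_mine_a", "lovelace": 10_000_000}],
     "outputs": [{"address": "addr_test1_other", "lovelace": 6_800_000},
                 {"address": "addr_test1_mine_b", "lovelace": 3_000_000}]},
    {"id": "tx-0002",  # incoming payment: no wallet UTXO is spent
     "inputs": [{"address": "addr_test1_other", "lovelace": 5_000_000}],
     "outputs": [{"address": "addr_test1_mine_a", "lovelace": 4_800_000}]},
    {"id": "tx-0003",  # wallet UTXO only read as a reference input, not spent
     "inputs": [{"address": "addr_test1_mine_a", "lovelace": 4_800_000, "reference": True},
                {"address": "addr_test1_other", "lovelace": 2_000_000}],
     "outputs": [{"address": "addr_test1_other", "lovelace": 1_800_000}]},
    {"id": "tx-0004",  # unrecognised spend sweeping both wallet addresses
     "inputs": [{"address": "addr_test1_mine_a", "lovelace": 4_800_000},
                {"address": "addr_test1_mine_b", "lovelace": 3_000_000}],
     "outputs": [{"address": "addr_test1_unknown", "lovelace": 7_600_000}]},
]

@dataclass
class Alert:
    tx_id: str
    net_out_lovelace: int  # value that left the wallet, fee included
    destinations: list     # non-wallet addresses that received outputs

def unexpected_spends(txs, wallet, known_tx_ids):
    """Return an Alert for each transaction that spends a wallet UTXO and is
    not in the set of transaction IDs the owner recognises."""
    alerts = []
    for tx in txs:
        owned = [i for i in tx["inputs"]
                 if i["address"] in wallet and not i.get("reference", False)]
        if not owned or tx["id"] in known_tx_ids:
            continue  # incoming, read-only reference, or your own transaction
        spent = sum(i["lovelace"] for i in owned)
        returned = sum(o["lovelace"] for o in tx["outputs"] if o["address"] in wallet)
        dests = sorted({o["address"] for o in tx["outputs"] if o["address"] not in wallet})
        alerts.append(Alert(tx["id"], spent - returned, dests))
    return alerts

if __name__ == "__main__":
    for a in unexpected_spends(SAMPLE_TXS, WALLET, KNOWN_TX_IDS):
        print(f"UNEXPECTED SPEND {a.tx_id}: {a.net_out_lovelace / 1e6} ADA -> {a.destinations}")
```

Checking every address derived from the seed matters here: a sweep can spend from addresses you have not looked at recently, and change outputs returned to the wallet should not be counted as funds lost.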

Bottom line

SecondFi's announcement describes a wallet-app security incident; it does not describe this as a Cardano chain, staking, or consensus-layer event. The core question is simple: was your wallet seed ever used in SecondFi/Yoroi after the update? If yes, create a new wallet in a different app and move your funds.

If you never touched SecondFi/Yoroi with your wallet, there is currently no official indication that you are affected.

Stay safe out there, and never share your seed phrase with anyone — including people who claim to be from "support."


Not financial advice. This article is for informational purposes only. Always do your own research before transferring crypto assets.
