French authorities have opened a preliminary investigation into a data breach at cryptocurrency tax platform Waltio following reports that user information was compromised.
The probe is being led by the Paris Public Prosecutor’s Office alongside France’s National Cyber Unit after alerts from national cybersecurity officials.
Investigators are assessing the scope of the breach and the type of personal data accessed during the incident.
French cybersecurity authorities warned that affected users could face targeted scams designed to trick them into transferring digital assets.
Officials said attackers may pose as security staff or tax advisers to exploit fear around compromised accounts.
A notice from authorities urged users to remain vigilant against unsolicited messages linked to crypto security concerns.
A report by French newspaper Le Parisien said a hacking group known as Shiny Hunters claimed responsibility for the breach.
The report said the group sent a ransom demand to Waltio after exfiltrating user data from the platform.
Hackers reportedly accessed personal data belonging to around 50,000 Waltio users.
The majority of affected users were said to be based in France, according to the report.
Waltio provides tax calculation and reporting services for cryptocurrency holders navigating complex tax obligations.
French authorities said the breach could expose users to identity theft and social engineering attacks.
Cybersecurity officials noted that crypto users are increasingly targeted after personal data leaks.
Criminal groups often use leaked names, addresses, and asset details to pressure victims.
Authorities warned that extortion attempts may escalate beyond online threats in rare cases.
Some attacks involve physical intimidation to force victims to hand over private keys or funds.
These incidents are commonly referred to as “wrench attacks” within the crypto community.
French officials confirmed that such attacks have occurred in France and other countries.
Law enforcement agencies said they are treating the Waltio case with heightened caution due to these risks.
Users affected by the breach were advised to secure accounts and avoid sharing recovery information.
Regulators reiterated that legitimate authorities do not request private keys or emergency transfers.