Overview
- The Paris prosecutor’s cybercrime unit ordered a preliminary inquiry assigned to the National Cyber Unit, according to a government cybersecurity alert.
- Waltio says exposed data was limited to user email addresses and 2024 tax-summary information, with no passwords, exchange access, wallet addresses, or banking data compromised.
- The company reports it learned of the incident via a January 21 extortion attempt, filed a criminal complaint, and notified France’s data protection authority, CNIL.
- Authorities cautioned that criminals may exploit breached data and stressed that police will not request confidential information by phone or appear unannounced at homes.
- Investigators are probing scope and attribution amid uncertainty over a December dark‑web listing flagged by Brinztech, while reports naming Shiny Hunters and citing roughly 50,000 affected users remain unconfirmed.