SecondFi pauses Glacier Drop redemptions after reported wallet security incident

SecondFi, the Cardano wallet platform formerly known as Yoroi, said Glacier Drop redemptions were temporarily suspended after a reported security incident affecting its wallets. The pause was described as precautionary while the company and related teams reviewed the situation.
The official Midnight Network blog post on the temporary suspension of Glacier Drop redemptions said the action followed a reported security incident at SecondFi, but it did not provide a full breakdown of affected wallets or confirm whether funds were drained.
Available third-party coverage described the incident as a Cardano wallet breach tied to SecondFi’s wallet-generation software and said the company was working on a recovery plan. One report said the vulnerability involved deterministic nonce derivation, which allegedly allowed external actors to reconstruct private keys using publicly available on-chain data. That account should be treated as reported detail from secondary coverage unless and until fully confirmed in official follow-up.
The same coverage indicated operations were paused while security reviews continued. It also said the issue was limited to SecondFi’s wallet software rather than the Cardano protocol itself.
What remains unclear is the full scope of wallets affected, whether any additional losses occurred beyond the initial reports, and how the Glacier Drop pause will affect redemptions going forward. Based on the available sources, the incident is still being handled as an active security matter, with further confirmation pending from the project.






