A sudden and alarming rise in crypto-linked kidnappings in France has ignited a fierce debate over data security, with Telegram CEO Pavel Durov directly attributing the violence to a massive leak of personal information from government sources. In a series of posts on X, Durov highlighted that 41 kidnappings of crypto holders have occurred in France in just the first 3.5 months of 2026, arguing that sensitive user data—including information held by tax authorities—is making investors easy targets for criminal networks.
French authorities have confirmed the surge, with officials reporting more than 40 kidnappings or attempted abductions since January, a sharp increase from roughly 30 cases reported in all of 2025. Philippe Chadrys of France's judicial police noted that the operations are often directed by networks operating from abroad, with methods ranging from short-term abductions to violent cases involving torture and ransom demands. In one brutal 2025 case, crypto industry figure David Balland had a finger cut off by attackers. Prosecutors have charged 88 individuals in connection with these crimes, including minors involved in at least a dozen cases.
Durov’s claims center on a leak from the Direction Générale des Finances Publiques (DGFiP), the French tax authority. He alleges an insider extracted large-scale tax records containing the financial profiles, wallet addresses, and estimated asset values of thousands of crypto holders. This data was then reportedly sold on the dark web to criminal organizations. Durov also asserted that tax officials are directly selling data, though this remains unverified. Adding to the crisis, Seb, President of the French Federation for Data Protection, revealed that France is on track to become the second most hacked country globally in 2026, with over 300 services breached, 23 million accounts compromised, and 250 million data records exposed since the start of the year. A major breach involving France’s Agency for Secure Documents (ANTS) exposed data from around 19 million people.
Experts warn that crypto wallets are attractive targets because they can be accessed instantly under duress, unlike traditional bank accounts. Durov criticized the French government's simultaneous demand for social media users' identities and private messages, arguing that expanding data collection without robust security will only create a larger target for criminals. He called for a balanced approach to security and privacy. The French Ministry of Finance has confirmed an ongoing internal audit of the DGFiP’s data handling procedures but has not commented directly on Durov’s allegations. Dr. Anne Moreau, a data privacy researcher at Sorbonne University, pointed to this as a classic insider threat, emphasizing that the solution lies in behavioral monitoring and data segmentation.
