Since January 1, 2026, the European DAC8 directive has strengthened the traceability of crypto transactions, at a time when kidnappings and assaults related to digital assets are on the rise in France. In this report, we decipher what this new transparency means for French investors, with insights from Cédric Fontaine, former military and police officer, CEO of Lima Groupe.
In an effort to improve fiscal transparency, France and its neighbors are implementing increasingly strict regulations concerning cryptocurrencies and their holders. Since January 1, 2026, the European DAC8 directive requires crypto-asset service providers to submit complete information about their customers to the tax authorities. At the same time, a French amendment also plans to make it mandatory for individuals to declare their cold wallets worth more than €5,000 annually.
While undoubtedly well-intentioned, France is nevertheless putting digital asset holders at risk. This new initiative creates a critical vulnerability, namely a centralized digital database that criminals can exploit.
France is definitely in crisis, with a wave of data leaks (including a potential leak from the Ministry of the Interior), a series of kidnappings on the rise in the country, and state protection deemed insufficient. This unprecedented situation makes the country a prime target for organized crime, unfortunately pushing investors to protect themselves through private services or simply to leave the country. Can we really blame them?
A desire for transparency at any cost
This marks the end of an era in France. Since January 1, 2026, the DAC8 directive has transformed the tax landscape for crypto holders in Europe. According to the European Commission, this regulation will require CASPs (Crypto Asset Service Providers), the European equivalent of PSANs (Prestataire de Services sur Actifs Numériques) in France, to collect and then transmit detailed information on their clients’ transactions to the tax authorities.
It should be noted that France had already implemented measures on this subject. Indeed, the mandatory declaration of crypto accounts held abroad is required via the CERFA 3916-bis form, with penalties of up to €1,500 per undeclared account if the assets exceed €50,000. However, wallets with a balance of less than €5,000 are currently exempt from this obligation, as Grégory Raymond points out in his tweet:
🟥 Info @TheBigWhale_ I Crypto taxation
A communist amendment was adopted on Tuesday by the National Assembly committee
It proposes to require holders of self-custody crypto wallets (@Ledger, @Metamask, @Rabby_io, @DeblockApp, etc.) to bring them to the attention of… pic.twitter.com/ywJ8ylomxZ— Grégory Raymond 🐳 (@gregory_raymond) December 11, 2025
According to the European Commission, these measures aim to combat tax fraud and money laundering. France will now be able to track activities carried out via cryptocurrency platforms, leaving auto-generated wallets out of reach for the time being, as consulting firm Deloitte rightly points out:
In practice, member states will be aware of the digital asset activities carried out by each individual, enabling their tax authorities to compensate for any omissions in tax returns.
Unfortunately, this measure centralizes all sensitive information in government databases, a perfect target for hackers, especially given that data leaks are becoming increasingly common in France.
Data leaks from the private sector to the state: a godsend for criminals
In recent years, France has seen a sharp increase in data leaks, affecting both public institutions and private companies. According to an investigation by France 2, the television channel reported:
An explosion of data leaks affecting many French companies and public services.
Even more worrying is that between 2021 and 2024, the identity documents of at least 14 million French citizens were compromised following intrusions on municipal platforms.
Crypto companies have not been spared either, and some are also unable to protect their customers’ sensitive data. In July 2020, French unicorn Ledger, a hardware wallet manufacturer, suffered a massive leak exposing approximately one million customer email addresses, just over 250,000 postal addresses, and phone numbers, with 16,000 French customers directly affected.
Following this hack, the stolen data was then sold on dark web forums. In October 2024, the CNIL imposed a record fine of €750,000 on Ledger for insufficient security measures. However, this fine did not restore the victims’ privacy or compensate those who subsequently suffered harassment from phishing emails or letters.
The consequences of this leak proved disastrous for cryptocurrency holders. According to this article in Le Monde in 2024, the media reported that:
The CNIL told Agence France-Presse that Ledger had “failed to sufficiently protect its customers’ data” following two data breaches in 2020 involving the personal data of the company’s customers and prospects.
To be clear, Ledger was indeed the victim of an unequivocal leak in July 2020 on its Shopify-hosted website, exposing 270,000 customer records. This was followed by a subsequent breach in which dishonest Shopify employees exported additional data affecting 290,000 other Ledger customers.
At the beginning of 2026, the company was once again the target of a leak via its e-commerce partner Global-e. The incident exposed the personal information of certain customers who had made purchases via the platform.
A recent investigation also revealed that cybercriminals had compiled comprehensive profiles of their targets following several leaks over the years, including the Free data leak in 2024. Cybersecurity expert Clément Domingo explains:
The group of cybercriminals behind this operation most likely cross-referenced the postal information of cryptocurrency users with other data leaks.
More recently, the Ministry of the Interior suffered a data hack on the night of December 11-12, 2025. The cyberattack, claimed by the BreachForums hacker group, targeted the department’s email servers. They then described the details of their attack on their forum, specifying that they had accessed sensitive databases, including criminal records (TAJ), the wanted persons file (FPR), and the interconnected systems linking Interpol, the Directorate General of Public Finances (DGFIP), and the National Social Security Fund, giving them access to personal files and exposing more than 16 million individuals.
The hackers then issued an ultimatum to the government, giving them one week to negotiate, failing which the data would be sold to the highest bidder or made public, as explained by @AureaLibe in their tweet on X:
🔴🇫🇷 ALERT | Hackers claiming to have hacked the Ministry of the Interior reaffirm their ultimatum to the French government. If it does not negotiate, they threaten to sell or leak the alleged stolen data.
Their message:
“Hello everyone,
We are… pic.twitter.com/cq85hvgDJo
— Aurea (@AureaLibe) December 15, 2025
Despite this widely publicized hack, the government does not seem to realize the seriousness of the situation. In this regard, Interior Minister Laurent Nuñez downplayed the risks, stating on RTL that no “serious compromise” had been detected at this stage, while one person has already been arrested in connection with the case.
Nevertheless, this intrusion reveals a chilling vulnerability. Indeed, if a lone individual was able to penetrate the Interior Ministry’s systems, what would happen if organized or state-sponsored cybercriminals were to attempt the same?
To top it all off, the danger does not only come from outside. Last July, Le Parisien revealed that an agent from the Directorate General of Public Finances was suspected of passing confidential information to organized crime. If a tax agent can be corrupted and sell sensitive taxpayer data, how can the government guarantee the security of future DAC8-related databases?
A growing wave of kidnappings, a violent reality
Since 2023, France has seen a series of kidnappings targeting mainly cryptocurrency investors. The most publicized kidnapping was that of Ledger co-founder David Balland. The regional national gendarmerie stated at the time:
On the morning of January 21, 2025, a couple was kidnapped from their home in Vierzon, in the Cher department, by a team of criminals. David Balland is the co-founder of Ledger, a French company specializing in cryptocurrencies.
The ransom demand was clearly made in cryptocurrency, with the kidnappers providing video proof of life of the entrepreneur.
A few months later, in May, the father of another entrepreneur in the sector was also kidnapped and held hostage for nearly 48 hours near Paris. The criminals also demanded payment in cryptocurrency in exchange for the hostage. Another alarming fact is that the pregnant daughter of the CEO of Paymium narrowly escaped kidnapping in the 11th arrondissement of Paris.
On December 18, a couple of investors living near La Rochelle were held captive in their home. They were tied up and beaten for nearly two hours in order to gain access to their crypto wallet. According to local police sources, the attackers stole approximately $10 million in crypto and had very specific details about the amounts held by the victims, information obtained through a data leak found online.
Since then, the downward spiral has accelerated: in the space of just three days, France has seen three attacks, including attempted kidnappings and targeted assaults, illustrating a worrying shift where holding cryptocurrencies can become a physical risk factor for both investors and their loved ones.
The critical situation in France is clear. The more regulations make citizens’ cryptocurrency holdings transparent to the government, the more criminals will adapt their targeting strategy by focusing on sensitive data, proving the adage that to live happily, we must live hidden.
France’s inadequate response to security issues
Faced with the growing threat to cryptocurrency players, the government has put in place primary protection measures that reflect its lack of interest in this matter. The Ministry of the Interior has announced that:
Entrepreneurs in the cryptocurrency sector would have priority access to the 17 emergency number and receive briefings from elite French police units.
These measures are more symbolic than reassuring. Under no circumstances do entrepreneurs in the sector feel safer, as this does nothing to address the vulnerability of centralized data systems. Worse still, the government seems to be downplaying the scale of the threat, which is growing, as Cédric Fontaine, CEO of Lima Protection, points out:
Currently, the cost-benefit calculation favors criminals. The state will be powerless to act as long as the justice system remains lax.”
As a result of the country’s inability to protect its citizens, some of the wealthiest investors in cryptocurrency have turned to private security companies, creating a two-tiered security landscape within the country.
Demand for private security has skyrocketed, particularly among entrepreneurs and investors managing large portfolios. Jethro Pijlman, CEO of Infinite Risks International, a specialized protection company based in the Netherlands, shared his observation with Bloomberg:
We have received more requests, signed more long-term contracts, and seen an increase in proactive inquiries from cryptocurrency investors who don’t want to be caught off guard. They understand that smart security measures are now an integral part of their operating costs.
According to Bloomberg, Coinbase spent up to $6.2 million on personal security for its CEO, Brian Armstrong, in 2024 alone. This is a prime example of how “crypto VIPs” now have to spend a substantial seven-figure budget on their security.
Beyond close protection services, there are less expensive solutions such as those offered by Perimeter Lab. This French startup, founded by three former Ledger employees, offers a comprehensive audit that allows crypto investors to identify their vulnerabilities before they are exploited.
Thus, we have entered an era where state protection is insufficient and only the wealthiest can afford security commensurate with the growing threat, reflecting France’s collapse in terms of public safety.
France’s situation is worsening with these threats; we are on an upward slope. We see it in the number of requests we receive and in the number of people who are attacked, adds Cédric Fontaine.
Indeed, between the potential hacking of millions of pieces of data from the Ministry of the Interior, the government’s powerlessness in the face of the cybercrime entity BreachForums, and the implementation of DAC8 with its centralized database, France seems to be placing an obvious target on the backs of the French people without realizing the impact of its actions.
