Durov Accuses French Tax Officials of Selling Crypto Holders' Data to Kidnappers

In a post on X, Pavel Durov, the founder of Telegram, alleged that French tax officials are selling the personal details of cryptocurrency holders to criminal organisations. He added that authorities are simultaneously failing to address what he described as 'massive' security breaches in their own tax databases.

Allegations Focus on Tax Data and Criminal Targeting

Durov's post appeared as France grapples with an unprecedented surge in cryptocurrency-related kidnappings. According to Le Monde, one of France's most widely read newspapers, more than 40 cases of kidnapping or hostage-taking linked to cryptocurrency have been recorded since the beginning of the year. The majority of incidents have targeted wealthy cryptocurrency holders and their family members.

The allegations gained further credibility following a separate legal case reported by Le Parisien. Ghalia C., a French tax official, was charged with illegally using government software to obtain the home addresses and asset holdings of cryptocurrency investors, then selling that information to organised crime groups.

Government Data Breaches Compound the Risk

Beyond the alleged insider threat, France has also suffered external data breaches affecting government infrastructure. Earlier this month, the National Agency for Secure Documents confirmed a security incident that potentially exposed personal and professional account data stored on the government portal. The full scope of that breach has not yet been disclosed.

The Keynap Perspective

If the allegations prove accurate, they represent one of the most serious threat vectors for cryptocurrency holders: state-adjacent data leakage. Criminals would not need to build intelligence profiles from scratch. They would simply purchase verified, government-sourced records identifying who holds assets, what those assets are worth, and where the holder lives.

This threat is distinct from typical OSINT exposure. You cannot remove yourself from a tax database. You cannot change what you have declared. What you can control is what happens next: how visible your home address is, how predictable your daily movements are, and how prepared your family is to respond.

• ·Assume that your declared wealth may already be known to criminal networks operating in France
• ·Ensure your residential address is not linked to your public identity, company registrations, or social media profiles
• ·Brief family members on security protocols and the risk of being used as leverage
• ·Vary your routines and reduce predictability at key transition points: home, school runs, and commuting
• ·Consider a professional threat assessment to understand your current exposure across digital and physical dimensions
• ·Engage legal and security counsel if you believe your data may have been compromised through a government channel

Source: X (formerly Twitter) post by Pavel Durov, April 2026. Reporting via Le Monde, Le Parisien.