Durov Threatens to Pull Telegram from France as Crypto Kidnapping Wave Exposes State Data Risks

Telegram founder Pavel Durov issued a stark warning on April 24, 2026: Telegram would rather exit the French market entirely than hand over users' private messages and identity data to French authorities. His post, which went viral with over 110,000 views within hours, arrives amid an unprecedented wave of violent kidnappings targeting crypto holders in France — 41 cases in just 3.5 months — fueled directly by government data leaks.

France's Crypto Kidnapping Emergency

France has become the kidnapping capital of the crypto world. At least 41 violent abductions targeting cryptocurrency holders have been recorded in the first 3.5 months of 2026 alone — roughly one attack every two to three days. Victims are snatched from city streets and forced to transfer digital assets under duress. The wave has grown so severe that France now accounts for approximately 80% of all crypto-related violent crime in Europe.

The attackers are not random. They come equipped with names, addresses, asset estimates, and tax records. This precision targeting has one clear source: leaked government databases containing the financial profiles of French crypto investors.

The Tax Data Scandal: How the State Armed Criminals

At the center of the crisis is a French tax administration employee known publicly as Ghalia C., detained since June 30, 2025. Investigators found she had specifically searched internal government systems for cryptocurrency specialists and investors, then sold their personal data — names, addresses, asset holdings, and tax records — to criminal networks who used it to plan kidnappings and extortion attacks.

The breach was compounded by a separate incident at Waltio, a popular French crypto tax platform. Since at least December 24, 2025, sensitive records of over 5,000 French crypto investors have been circulating on dark web markets. Cybersecurity researchers from Cybernews confirmed the Waltio leak's connection to several recent abductions. Together, these leaks created a detailed targeting list for organized crime.

France Now Wants More Data — From Telegram

Rather than addressing these data breaches, French authorities are pushing in the opposite direction: demanding that social media platforms and messaging apps hand over users' identity documents and private message content. Durov described the demand bluntly: "The same state also wants IDs and private messages of social media users."

France has also been building a sweeping age verification infrastructure requiring platforms to confirm user identities for access to social media — creating government-linked identity touchpoints across the internet. For Durov, granting access to this data in a country where tax officials already sell user records to criminal gangs is not a regulatory inconvenience. It is an existential threat to user safety.

"More data => More leaks => More victims," Durov wrote. The logic is stark: every additional data point the state collects becomes a potential weapon against the very citizens it claims to protect.

Telegram's Red Line: Exit Over Compliance

Durov's position is unambiguous. Telegram will not grant French authorities backdoor access to private conversations. If forced to choose between compliance and market presence, the company will choose to leave. "That's why Telegram would rather leave the French market than give their corrupt bureaucrats access to private messages," he wrote.

This is not the first confrontation between Durov and France. In August 2024, Durov was arrested at Le Bourget Airport and indicted on charges related to criminal use of the Telegram platform. He spent months under judicial supervision before being permitted to travel. The new standoff over data access represents a direct escalation of that ongoing conflict between Telegram's privacy-first model and France's expanding surveillance ambitions.

What This Means for Privacy and VPN Users

The France crisis is a textbook case of why privacy advocates argue that government data collection is never truly safe. Every database the state assembles — tax records, identity documents, communications metadata — represents a target for corrupt insiders and external hackers. When authorities demand that platforms like Telegram centralize sensitive user data, they are not creating security. They are creating new attack surfaces.

For users who rely on encrypted communications and VPNs to protect their identities, the lesson is clear: jurisdictions that demand data access cannot guarantee it will remain secure. France's experience demonstrates that the question is not whether government-held data will be leaked, but when — and who will be hurt when it is.

Conclusion