A French tax agent, referred to as Ghalia C., has come under intense scrutiny for allegedly accessing and selling sensitive information from internal databases of the French tax authority. Reports indicate that the information she provided was utilized by criminals in at least one violent assault on a prison officer and his wife, linked to a dispute involving smuggled mobile phones within the prison system.
In a troubling turn of events, Ghalia C. also reportedly inquired about individuals involved with cryptocurrency, potentially targeting those believed to possess significant digital assets. Such inquiries raise concerns about so-called “$5 wrench attacks,” where criminals use physical violence to force their victims into making irreversible transfers of cryptocurrencies like Bitcoin and stablecoins. This type of physical aggression is becoming alarmingly prevalent, alongside conventional online crypto thefts. A notable recent incident involved the exploitation of a situation similar to a television series, where cyber criminals executed a successful hack.
After losing an appeal, Ghalia will remain in custody following a hearing at France’s appellate court. Although she has acknowledged providing the information, she claims ignorance of the buyers’ intentions. In translated remarks, she expressed remorse, stating, “I gave information about this person. I knew nothing of what was done and I would like to ask forgiveness from this couple who were attacked.”
Prosecutors are building a case against her based on her reluctance to unlock her phone or disclose the identity of a potential accomplice. They argue that Ghalia’s actions amounted to an abuse of her official position, aiding a repeat offender. Beyond the crypto users and the prison officer attacked, she is alleged to have sold sensitive information about health inspectors, a judge, and even billionaire Vincent Bolloré.
The year 2025 has already seen record levels of physical crypto thefts, with a significant incidence of these crimes occurring in France. Some high-profile cases include the kidnapping of David Balland, co-founder of the crypto hardware wallet company Ledger, who was held for ransom alongside his partner due to their cryptocurrency assets. Another incident involved the father of a prominent crypto entrepreneur, who endured severe threats during a ransom scheme, though he was ultimately rescued by the police.
These alarming trends extend beyond France. For instance, a home invasion in San Francisco last year saw an perpetrator disguised as a delivery driver enter a residence, brandishing a firearm, and forcibly coercing a victim into transferring $11 million in cryptocurrency.
Amid these incidents, the relevance of Ghalia’s case is underscored by statistics revealing that in 2025, illicit transactions involving cryptocurrencies reached a staggering $154 billion, according to blockchain analytics firm Chainalysis. Ghalia was reportedly compensated through conventional mechanisms, such as bank cash deposits and Western Union transfers.
Although no direct connections have been established linking Ghalia’s data sales to specific crypto thefts in France, this situation highlights a worrying intersection between the careless management of personal data and the irreversible nature of digital currency transactions. As demonstrated further by a recent data breach at a payment processing firm utilized by Ledger, the vulnerability of sensitive information stored in centralized systems stands in sharp contrast to the autonomy promised by cryptocurrencies. Advocates for Bitcoin and privacy-centric technologies have frequently pointed out that the handling, processing, and storage of personal data by government and corporate entities pose significant operational security risks.
The continued prevalence of data mishandling suggests that without a significant uptick in security breaches, the call for a shift toward a model of individually controlled data—contrary to the current reliance on centralized databases—might not materialize.
