Data compiled by Woofun AI shows that approximately $2 million was transferred from an immutable smart contract linked to an Aztec Labs payments product discontinued in 2021. The compromised system is a Stage 2 Rollup version that was deactivated in 2022. Because Aztec Labs does not retain admin keys or any governance authority over this legacy infrastructure, the organization is unable to pause operations or deploy upgrades to mitigate the breach.

The Aztec Foundation clarified that this security incident is entirely separate from the attack on the Aztec Connect product recorded on June 14.

Furthermore, the foundation emphasized that the affected legacy product has no association with the smart contracts governing the current network or the AZTEC ERC20 token, isolating the risk to the discontinued system.