As a seasoned crypto investor with a knack for staying informed about the latest developments in the digital currency world, this Tangem fiasco has left me rather unsettled. I’ve been around long enough to know that security should always be of utmost importance when it comes to handling users’ private keys, and exposing them via emails or any other means is simply unacceptable.
The fact that the vulnerability was brought to light by Redditors and not by Tangem itself raises a red flag. It seems as if the company downplayed the issue when it was first pointed out, which only adds fuel to the fire of mistrust among its user base.
Moreover, the deletion of the original Reddit post discussing the glitch further fuels suspicion and raises questions about transparency. In my book, cover-ups never bode well for a company’s reputation.
On the positive side, Tangem did eventually acknowledge the issue and issued a fix to prevent further leaks. However, their response seems to have been rather muted, which is concerning given the gravity of the situation. I believe that a more proactive approach would have gone a long way in reassuring users and restoring trust.
In light of these events, I’d advise all Tangem users to exercise caution and promptly update their mobile applications to avoid any further seed phrase leaks. As for me, I’ll be keeping a close eye on this situation and will think twice before entrusting my digital assets to a provider that seems to have such questionable practices.
Lastly, let’s not forget the irony of a cryptocurrency wallet provider putting users’ funds at risk due to an old-school email vulnerability – it’s like a digital safe being compromised by a skeleton key!
The wallet service provider, Tangem, has resolved a significant security issue within their mobile application. This issue allowed some users’ private keys to be obtained through emails instead of securely stored within the app itself.
The solution arose following repeated accusations by Reddit users, who claimed that Tangem had endangered investor funds by disclosing private keys through email accounts and to Tangem’s own staff.
On December 29th, a Reddit conversation about Tangem’s business practices gained momentum, with allegations that the wallet provider had been secretly obtaining private keys via emails. The Redditor u/areklanga also stated that Tangem had not responded adequately when this issue was raised earlier.
“So, user private keys remain in both user email history, Tangem email history, and perhaps in some Tangem ticket tracking system and are available for Tangen employees. Which makes all Tangem users compromized.”
Additionally, they asserted that the initial Reddit post discussing the malfunction had been removed for unknown reasons.
Tangem issued a timely bug fix
On December 30, Tangem admitted to encountering an issue and traced it back to a software bug within their mobile app’s data logging process. They have since confirmed that this problem has been completely fixed. Additionally, they offered further details about the incident:
“What was the issue? When creating a wallet with a seed phrase, the private key was mistakenly logged in the application’s logs. These logs could later be accessed during interactions with our support team.”
On Tangem’s official site, there was no information provided regarding the specifics of the update made on December 30 to their mobile app.
Tangem also stated on Reddit that all logs and attachments they received through their support team have been permanently erased, leaving no trace of any leftover information.
Tangem accused of downplaying the situation
Based on the information from the company, it appears that a security issue known as the seed phrase leak bug impacted a limited number of users. They are actively contacting these users to provide advice and assistance.
“It could have affected a very limited group of users: specifically, those who used a generated seedphrase, then immediately submitted a support request through the app. It does not affect any other users.”
On December 30, Tangem released an update aimed at halting ongoing issues with seed phrase leaks. However, some members of the cryptocurrency community criticized Tangem’s seemingly subdued reaction to the situation. Tangem failed to respond to a request for comment from CryptoMoon.
On December 31st, Tangem has not publicly announced any updates through their official platforms like Twitter, Discord, or Telegram. It’s essential for all Tangem users to promptly update their mobile apps to prevent potential seed phrase leaks.
Read More
- HBAR PREDICTION. HBAR cryptocurrency
- IMX PREDICTION. IMX cryptocurrency
- STEEM PREDICTION. STEEM cryptocurrency
- LDO PREDICTION. LDO cryptocurrency
- JTO PREDICTION. JTO cryptocurrency
- POL PREDICTION. POL cryptocurrency
- TRB PREDICTION. TRB cryptocurrency
- MNT PREDICTION. MNT cryptocurrency
- COW PREDICTION. COW cryptocurrency
- TNSR PREDICTION. TNSR cryptocurrency
2024-12-31 11:52