Tangem, a cryptocurrency wallet service, has solved a critical security hole in its mobile app that may have exposed user seed phrases. Reddit users chastised the corporation for potentially endangering customer funds, leading to the discovery of the problem. A user brought attention to the fact that Tangem personnel and users could access the private keys stored in email history.
Tangem acknowledged the issue in response to growing concerns, noting that a fault in the app’s log processing caused the vulnerability. The app incorrectly logged the private key when creating a wallet with a seed phrase, potentially making it accessible during conversations with the support team. Tangem confirmed that the issue only affected a small subset of customers: those who generated seed phrases and promptly contacted assistance.
The company affirmed that there was no compromise of private keys, loss of funds, or occurrence of unlawful access. To guarantee user safety, all logs and attachments received by the support team were permanently destroyed. Consumers chastised Tangem for their lack of proactive communication, noting the absence of announcements regarding the problem on its social media sites.
