Cryptocurrency wallet provider Tangem has fixed a critical security vulnerability on its mobile app that collected certain users’ private keys via emails.
The fix came after Redditors repeatedly called out Tangem for putting investors’ funds at risk by exposing their private keys on email accounts and to Tangem employees.
On Dec. 29, a Reddit thread on Tangem’s operations gained traction, accusing the wallet provider of stealing private keys via emails. The Redditor, u/areklanga, further accused Tangem of not providing “any sensible reaction” when the issue had been pointed out previously.
Tangem acknowledged the issue on Dec. 30 and stated the incident arose from a bug in the mobile app’s log processing, which had now been “fully resolved.” Tangem also provided a breakdown of the situation.
Tangem’s official website, which logs all version updates of its mobile application, did not mention the details about the Dec. 30 update.
Tangem also confirmed in its Reddit response that “all logs and attachments sent to its support team were permanently deleted, ensuring no residual data remains.”
While Tangem pushed out an update on Dec. 30 to prevent further leaks of seed phrases, crypto community members called out the wallet provider’s muted response. Tangem did not respond to Cointelegraph’s request for comment.
Tangem has not made any official announcements on its official social media channels, Twitter, Discord, or Telegram, as of Dec. 31. However, all Tangem users are advised to immediately update their mobile applications to avoid seed phrase leaks.
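The failure described above, a diagnostics bundle that carries seed phrases and keys out of the app to a support mailbox, is prevented first by never writing key material to a log at all; a redaction pass over the bundle before it leaves the device is the defence-in-depth layer that would have caught this class of bug. The following is an added example, not Tangem's code; its three patterns (a 64-hex-character raw key, a BIP32 `xprv` string, and a run of 12 to 24 lowercase words resembling a BIP39 phrase) are assumed heuristics, and the log lines are constructed.

```python
import re
from typing import List, Tuple

# Heuristic patterns for key material (assumptions for this example,
# not taken from Tangem's app). Over-redacting a log line is the safe
# failure mode, so the mnemonic pattern does not consult the wordlist.
HEX_KEY = re.compile(r"\b[0-9a-fA-F]{64}\b")
XPRV = re.compile(r"\bxprv[1-9A-HJ-NP-Za-km-z]{20,}\b")
MNEMONIC = re.compile(r"\b(?:[a-z]{3,8} ){11,23}[a-z]{3,8}\b")

PATTERNS = [
    (HEX_KEY, "[REDACTED-HEX-KEY]"),
    (XPRV, "[REDACTED-XPRV]"),
    (MNEMONIC, "[REDACTED-MNEMONIC]"),
]


def redact_line(line: str) -> Tuple[str, int]:
    """Return the line with key-like material replaced, plus the hit count."""
    hits = 0
    for pattern, placeholder in PATTERNS:
        line, n = pattern.subn(placeholder, line)
        hits += n
    return line, hits


def prepare_support_bundle(lines: List[str]) -> Tuple[List[str], int]:
    """Redact every line before export and report how many secrets were
    caught, so the logging call that emitted them can be found and removed."""
    out, total = [], 0
    for line in lines:
        clean, n = redact_line(line)
        out.append(clean)
        total += n
    return out, total


# Constructed sample log lines (not real Tangem output).
SAMPLE_LOG = [
    "2024-12-29 10:01:02 INFO wallet unlocked, balance refreshed",
    "2024-12-29 10:01:03 DEBUG restore mnemonic=abandon abandon abandon "
    "abandon abandon abandon abandon abandon abandon abandon abandon about",
    "2024-12-29 10:01:04 DEBUG derived key=" + "ab" * 32,
]

if __name__ == "__main__":
    bundle, caught = prepare_support_bundle(SAMPLE_LOG)
    print("\n".join(bundle))
    print(f"{caught} secret(s) redacted; remove the logging call that emitted them")
```

A non-zero redaction count in a release build is itself a bug report: the secret should never have reached the log writer.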
Only in the shitcoiner world
Utterly incompetent.
These kinds of terrible security engineering decisions -- in this case, logging key material in the application -- stink. What other horrors are lurking in the Tangem codebase if their developers think it is acceptable to log keys! These code smells indicate something deeper at play.
When wallets make such n00b mistakes, and I have looked at many a wallet source over the years, run. The classic mistake is using a bad CSPRNG for keygen. ;-)
Any app that logged key material, ever, one should burn the seed and regenerate any new keys on trusted hardware/software.
shitcoiners getting what they fucking deserve