Does Tangem Wallet reveal users' private keys via email?

The cryptocurrency community is reeling over information that Tangem's hard wallet has encountered a serious security flaw, potentially exposing users' private keys — the key to their entire digital assets — via email.

The incident came to light after a Reddit user named u/areklanga posted a post on December 29, accusing Tangem of accidentally revealing the user's private key in email history. It is worth mentioning that, according to this person, this security flaw has already been detected before but Tangem has not had any satisfactory response or corrective action.

Specifically, u/areklanga says that a user's private key can be accessed through a variety of sources, including:

• User email history:When creating a wallet with a seed phrase, the private key is recorded in the user's email.
• Tangem Email History:Private keys can also exist in Tangem's email system.
• Tangem Support System: Private keys can be stored in Tangem's support request tracking system, where the company's employees can access it.

This means that users' most sensitive information, which is known as a “universal key” to unlock cryptocurrency wallets, could be exposed to third parties and cause untold financial losses.

Faced with a wave of criticism from the community, Tangem officially acknowledged the incident on December 30. The company said the cause stemmed from a bug in the mobile app's log processing, which caused private keys to be accidentally recorded. This error was then “completely fixed”.

However, Tangem was accused of deliberately downplaying the severity of the incident. The company confirmed that only a small group of users were affected, namely those who created wallets using the recovery phrase and immediately sent a request for support through the application.

Despite releasing an update to patch the bug, Tangem has been criticized for its delayed response and lack of transparency. As of December 31, the company has not yet made any official announcements on social media channels such as Twitter, Discord or Telegram.

To ensure the safety of their digital assets, all Tangem users are advised to immediately take the following steps:

1. Update the Tangem mobile app to the latest version.
2. Keep a close eye on official announcements from Tangem.
3. Consider transferring assets to another wallet if you feel security concerns.

This incident raises a big question mark about information security in the cryptocurrency sector. Users should exercise extreme caution in choosing and using cryptocurrency wallets, and stay up to date with security knowledge to protect their assets.