Layer 1 blockchain Near Protocol informed users about a bug it discovered in June that revealed sensitive information to a third party.
The network announced this in a blog post released on August 4 saying it was able to rectify the issue on the same day.
According to the post, “a code change nevertheless resulted in the collection of sensitive data for some users who had used email or SMS recovery with their wallets.”
Fortunately, blockchain security company Hacxyk noticed the bug and reported it to the team, who quickly fixed it. In addition, Hacxyk got a bounty reward for the alert.
The network claimed that its wallet team immediately handled the situation by scrubbing “all sensitive data” and identifying those who might have had access to it.
“To date, we have found no indicators of compromise related to the accidental collection of this data, nor do we have reason to believe this data persists anywhere,” it added.
The announcement comes amid the series of exploits and hacks that have rocked the crypto space in August.
Nomad Bridge lost over $190 million to a “decentralized robbery.”
Celsius announced that a malicious third party might have breached users’ data through a leak from an employee of its messaging partner, Customer.io.
Additionally, thousands of Solana wallets got drained in an attack that lasted for hours and resulted in a loss of over $5 million.
With the almost breakneck speed of exploits, Near Protocol is also sharing its experience and alerting users so they can be extra careful and take all necessary steps to prevent exploits.
Thus, it asked users who used their SMS or email for account recovery to rotate their keys to be on the safer side. They can do this on wallet.near.org.
Meanwhile, the network stated it would no longer let users use their SMS or email for recovery when they create an account.
It also advised users to opt for cold wallets like Ledger, which offers more security. In addition, users should never give out their private or recovery keys.
What do you think about this subject? Write to us and tell us!
Trusted
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
