Layer 1 blockchain Near Protocol informed users about a bug it discovered in June that revealed sensitive information to a third party.
The network announced this in a blog post released on August 4 saying it was able to rectify the issue on the same day.
According to the post, “a code change nevertheless resulted in the collection of sensitive data for some users who had used email or SMS recovery with their wallets.”
Fortunately, blockchain security company Hacxyk noticed the bug and reported it to the team, who quickly fixed it. In addition, Hacxyk got a bounty reward for the alert.
The network claimed that its wallet team immediately handled the situation by scrubbing “all sensitive data” and identifying those who might have had access to it.
“To date, we have found no indicators of compromise related to the accidental collection of this data, nor do we have reason to believe this data persists anywhere,” it added.
The announcement comes amid the series of exploits and hacks that have rocked the crypto space in August.
Nomad Bridge lost over $190 million to a “decentralized robbery.”
Celsius announced that a malicious third party might have breached users’ data through a leak from an employee of its messaging partner, Customer.io.
Additionally, thousands of Solana wallets got drained in an attack that lasted for hours and resulted in a loss of over $5 million.
With the almost breakneck speed of exploits, Near Protocol is also sharing its experience and alerting users so they can be extra careful and take all necessary steps to prevent exploits.
Thus, it asked users who used their SMS or email for account recovery to rotate their keys to be on the safer side. They can do this on wallet.near.org.
Meanwhile, the network stated it would no longer let users use their SMS or email for recovery when they create an account.
It also advised users to opt for cold wallets like Ledger, which offers more security. In addition, users should never give out their private or recovery keys.