Blockchain.INFO today updated its web-wallet, which was earlier sacked by users over some security concerns.
According to the complaints available on Reddit and several other social media forums, Blockchain.INFO’s users were found to have been losing funds after using their web-wallet services via Tor. In lights of rising criticism, the company blocked all Tor exit nodes on temporary basis. It later announced to have received an SSL certificate for their .onion addresses and subsequently became the second company to receive so, after Facebook.
The company’s final act for improving its security system turned out be a software update, mentioned in the headline.
“When making a scheduled software update overnight to our web-wallet, our development team inadvertently affected a part of our software that ensures private keys are generated in a strong and secure manner,” reads the Blockchain.INFO blog. “The issue was present for a brief period of time between the hours of 12:00am and 2:30am GMT on December the 8th 2014. The issue was detected quickly and immediately resolved.”
The company further informed that only a little fraction of their user-base was affected by the aforementioned security loop. “We have sent an alert to all users who have potentially vulnerable addresses in their wallets, for which we have an email on file. We are committed to working with any affected users to assess and rectify any issues,” they added.
You can read the entire blog here.