Key Information
-
In June 2022, the Sonar Research team discovered critical code vulnerabilities in multiple encrypted email solutions, including Proton Mail, Skiff, and Tutanota.
-
These privacy-oriented webmail services provide end-to-end encryption, making communications safe in transit and at rest. Our findings affect their web clients, where the messages are decrypted, mobile clients were not affected.
-
The vulnerabilities would have allowed attackers to steal emails and impersonate victims if they interacted with malicious messages. Nearly 70 million users were at risk on Proton Mail alone.
-
The issue has been fixed and there are no signs of in-the-wild exploitation.
Now this, this is how you know a company really cares about it’s users. Sure $750 probably isn’t going to affect their bottom line much but still, it’s $750 just handed to some people for securing their customers.