Some serious security flaws have been discovered by this leading cloud storage service provider

There were many serious flaws in a major cloud storage service that made it possible for criminals to access even encrypted information, experts have discovered.

Five vulnerabilities in the Mega platform have been uncovered by ETH Zurich researchers, all of which centre on obtaining and interpreting an RSA key (a private key based on RSA algorithm).

The problems were found by the team towards the end of March and reported to the firm. A few fixes were made available soon after, while others are currently being worked on by the developer. It was claimed that the updates had no effect on user experience and don’t need users to reencrypt their data. They also don’t have to produce any new keys or alter any passwords.

Disgruntled workers will find this ideal

Patches not being available for all faults is unfortunate, but Mega hasn’t yet seen anybody take use of them in the wild. There is no set date for the delivery of the remaining patches.

According to a video presentation of the weakness by the researchers, an attacker would require at least 512 login attempts to get access to an endpoint. As a result, the vulnerabilities would not be practical for outsiders. Moreover, they would require access to Mega’s servers.

A very different narrative is told by insiders or dissatisfied personnel.

It’s “frightening and intellectually interesting to witness how apparently harmless cryptographic design shortcuts adopted over a decade ago backfire,” Mega said in a statement.

As a result of the wide spectrum of cryptographic defects that have been discovered, there is a feeling of relief.”

The vulnerability and MEGA’s defences may be discovered at this site.