If you value personal privacy above all else then BlackPhone is the phone for you. At least that was the pitch when the super-secure handset first hit the market, though it might not have been totally true.

A huge hole in the phone’s SilentCircle messaging app spotted by Azimuth Security means breaking into someone’s BlackPhone was actually pretty easy. All you needed to know was their phone number. Using that information you could decrypt and read messages, access the user’s location and scan their contacts. Hackers could even use the messaging app as a vantage point to attack other parts of the operating system.

Thankfully, Azimuth Security tipped off the company before publishing its report, and the issue has already been corrected. If you do own a BlackPhone you may want to double check your own account. It’s also possible we could see other security issues pop-up for the privacy-focused handset down the line, though for now there’s no reason to suspect anything else is wrong with the device.