Google has just announced a security breach that could let an attacker gain access to your device

As if the world was not scary enough: according to Google, your most reliable security measures could be secret vulnerabilities.

On Wednesday, Google announced on its security blog that it found a bug in the Bluetooth Low Energy (BLE) version of its Titan security key, exposing users to a potential attack when pairing the device via Bluetooth. These keys are an inexpensive two-factor authentication method that provides an additional layer of security when logging into your Google Account.

According to Google, "it is possible for an attacker who is physically close to you when you use your security key to (a) communicate with your security key or (b) communicate with the device to which your key is associated. "

The chances of you being affected by this vulnerability are relatively small. The circumstances that should line up include a nearby attacker (less than 10 yards away), who is able to schedule his attack at the exact moment you log in with your security key.

Hackers could then connect their device and take advantage of the two-factor authentication offered by the Titan key, or make their device a key and connect to your laptop. In this scenario, they should always have your user name, your password, and the date of their attack perfectly.

They could also use their device as a Bluetooth accessory, such as a keyboard, to take control of your computer.

This is not likely to happen when you sit and work in your average café. If people want your information so badly, it's probably more likely that they're waiting for you to log in and physically steal your laptop. However, you should know that such vulnerabilities are revealed because it is ultimately your responsibility to protect your personal information and that of your company from bad actors.

Although the chances are low for the average user, the consequences could be considerable. If, for example, you are the victim of this attack while connecting to your company intranet or customer database, you may expose sensitive or personal data that can be accessed or modified.

To find out if you may be concerned, check the back of your key. If it is marked T1 or T2, Google will replace it for free. Go to google.com/replacemykey to request a new version that is not affected by this vulnerability. In the meantime, Google recommends that you continue to use your key because the security protection provided usually outweighs the risk of you becoming a victim of this vulnerability.