It’s no longer safe to send confidential information by encrypted email, some experts say.

Researchers have discovered a vulnerability in PGP (Pretty Good Privacy), a data encryption method that had become the industry standard for encrypting and decrypting emails.

They say the vulnerability allows emails, including ones sent in the past, to be decrypted with an attack known as “Efail”.

The Electronic Frontier Foundation advises people to immediately disable email tools that automatically encrypt or decrypt with PGP.

In the meantime, the EFF recommends that people who need to send confidential information use standalone encrypted apps, such as Signal.  

Kane In Your Corner already accepts confidential news tips via Signal and other encrypted apps.

One provider of encryption software, GnuPG, says the EFF is exaggerating the seriousness of the issue.

It says the attack, known as “Efail,” only impacts a handful of email providers, and can largely be prevented by upgrading to the latest version of email and encryption software.