"Cloudbleed" is the term being used to refer to an Internet security nightmare. Yesterday, Cloudflare, a web performance company that provides security services to hundreds of thousands of domains such as Fitbit, OkCupid, and Uber, revealed that it was affected by a serious bug that exposed data from some of the sites that use it.
Incident report on memory leak caused by Cloudflare parser bug - https://t.co/rTZ4bFw3uJ
— Cloudflare (@Cloudflare) February 23, 2017
"The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare explains in a blog post on the matter.
Information from one site using Cloudflare's services could have ended up embedded on another. The cause of the exposed data — a faulty piece of code — has since been fixed, and Cloudflare says that it has "not discovered any evidence of malicious exploits of the bug or other reports of its existence."
AdvertisementADVERTISEMENT
Still, if you have an account of any of the websites that use Cloudflare, it's worth taking the safe road and changing your password. Cloudflare has not revealed which domains suffered from the memory leak, except for confirming that 1Password, a password manager, was not affected.
No 1Password data was put at risk through the bug reported earlier today. https://t.co/S7G62Qw85Q
— Cloudflare (@Cloudflare) February 24, 2017
When setting up a new password, follow these steps to make it more secure. And remember: When in doubt, always enable two-factor authentication.
AdvertisementADVERTISEMENT