Cloudflare Breach Leaked Millions of Records Fitbit 23andME

Ecoclimber

Massive Bug May Have Leaked User Data From Millions of Sites. So … Change Your Passwords
https://www.wired.com/2017/02/crazy-cloudflare-bug-jeopardized-millions-sites/


https://github.com/pirate/sites-using-cloudflare

Cloudflare security breach exposes data from Uber, Fitbit, OKCupid among 3,400 websites; password changes recommended
https://9to5mac.com/2017/02/24/cloudflare-server-breach-cloudbleed-uber-fitbit-okcupid/


Cloudflare data leak potentially exposed trove of passwords, personal information for months
http://www.pbs.org/newshour/rundown...-trove-passwords-personal-information-months/


BY Andrew Wagner February 24, 2017 at 7:27 PM EST | Updated: Feb 25, 2017 at 5:25 AM
Cloudflare, an internet services provider that manages 10 percent of all web traffic, has been leaking assorted bits of customer information -- passwords, cookies, personal information, messages and more -- since a bug appeared in their code in 2012. Photo by weerapat1003/via Adobe

Time to change your passwords.

Cloudflare, an internet services provider that manages 10 percent of all web traffic, has been leaking assorted bits of customer information — passwords, cookies, personal information, messages and more — since a bug appeared in their code in September 2016, according to a company statement released late Thursday. The company maintains behind-the-scenes details, such as protection from cyber attacks and large scale backups, for websites and mobile apps like Uber, OKCupid, FitBit, League of Legends, Glassdoor and the online tip jar Patreon (Here’s a list of Cloudflare clients).

The vulnerability came to light after security analysts at Google’s Project Zero spotted an overflow error that was leaking potentially sensitive information to search engines and other websites that scrape data from the internet. Overflow errors, as handily explained by this XKCD comic, occur when more information is requested of a web server than can be output. The wrong data within the server is then selected and spit back out for all eyes on the network to see.



FYI People using Fitbit and 23andme Might want to change their passwords
 