How Cloudflare Acted to Contain Dangerous Data Leak Flaw | eWeek

Why the ‘Cloudbleed’ Data Leak Flaw Posed a Major Threat to Websites

Written By
Don Reisinger
Mar 2, 2017


Cloudflare has patched critical security flaws that could have allowed leaks of data from thousands of websites over a six-month period. Cloudflare and security researchers are still watching to see if any leaked data has been exploited.


What Is Cloudflare, Anyway?

Cloudflare is a prominent internet infrastructure company that provides a host of services to websites, including load-balance optimization and security. It also provides website performance data. Cloudflare works behind the scenes for a lot of prominent websites.


This Affects Thousands of Sites

Cloudflare said in a Feb. 23 statement that user information from thousands of websites, including passwords, leaked over a six-month period. Its edge servers, it said, malfunctioned and returned memory that contained private user information, some of which could have been crawled and cached by search engines.


Here Are Some Affected Sites

The full list of affected sites hasn’t been publicly disclosed, but some companies have said they might have been affected. As of this writing, Uber has confirmed it was a Cloudbleed victim. Fitbit also was affected. Other impacted sites could emerge.


How Many Users Are Affected?

Knowing how many users were affected by Cloudbleed is difficult. Cloudflare provides its solutions to sites that work with millions of internet users. Most security experts believe a chunk of those folks were subject to it.


Three Cloudflare Features Were Turned Off

According to Cloudflare, after it learned of the problem, it discovered three features might have been at the center of the leak and shut them down: email obfuscation, server-side excludes and automatic HTTPS rewrites.


How Quickly Cloudbleed Was Fixed

Cloudflare moved quickly to address Cloudbleed. The company said it turned off the affected services within 47 minutes of discovering the flaw and fixed the leak fully in less than seven hours.


An Eye on Malicious Activity

In addition to addressing Cloudbleed, Cloudflare analyzed the scope of the leak. It found that although search engines including Google had cached its data, there had been no malicious activity surrounding it. The cached data was purged wherever it was found.


Users Should Change Passwords

Although malicious hackers hadn’t taken advantage of the leak, it’s still a good idea to change your website passwords immediately. It’s the first line of defense against any malicious hacker who might somehow cull data from Cloudbleed.


Not Much Else Can Be Done

Unfortunately, beyond changing passwords, there isn’t much users can do about Cloudbleed. The damage has already been done—the information was leaked and there is no way to change that. Users should remain vigilant and be on the lookout for any odd account behavior.


Looking Ahead Post-Cloudbleed

Looking ahead, things could get worse before they become better. The investigation into Cloudbleed and its reach has just begun. The leak appears to have been plugged, but more companies are expected to join the list of affected Cloudflare customers.
