Security firm Cloudflare disclosed late Thursday that a long-running bug in its security systems may have leaked information, including potentially personal information, from thousands of sites including Uber, Fitbit and OK Cupid. The problem was first uncovered by Google security expert Tavis Ormandy, who let Cloudflare know about the issue on Feb. 18. But the service had been leaking information for months in a way that allowed search engines to pick it up, according to Cloudflare.
Category: CloudFlare
Major security flaw may affect Uber, Fitbit, OkCupid
The web performance and security company Cloudflare has a software bug that released personal account details of its clients. Thanks to the bug, users of Uber, OkCupid, and FitBit had their passwords, emails, and messages exposed.
Select AllWhat You Need to Know About CloudbleedA big-deal glitch that could have been a lot worse.
Yesterday, web-infrastructure provider Cloudflare disclosed the discovery and subsequent mitigation of a bug – now known as “Cloudbleed” – in its system. This was a big-deal bug, and it’s been patched , and you’re welcome to take my word for it and stop reading now.
Uber, 1Password, Fitbit and OKCupid user data exposed by massive security flaw
The good news is that hackers do not appear to have taken advantage of a severe Cloudflare security bug that would have given them access to sensitive customer data including passwords and authentication tokens. The bad news is that the bug was only recently discovered, which means it went undetected for nearly five months.
Cloudflare bug exposed passwords, other sensitive data from websites
For months, a bug in Cloudflare’s content optimization systems exposed sensitive information sent by users to websites that use the company’s content delivery network. The data included passwords, session cookies, authentication tokens and even private messages.
The Wall Street Journal: Headache for Cloudfare and potentially some clients over data leak
A software bug at a widely used internet-service provider that caused it to leak data has created a potential security headache for thousands of its corporate customers. The bug at Cloudflare Inc., disclosed Thursday, has affected company systems since September of last year.
The Wall Street Journal: Headache for Cloudfare and potentially some clients over data leak
A software bug at a widely used internet-service provider that caused it to leak data has created a potential security headache for thousands of its corporate customers. The bug at Cloudflare Inc., disclosed Thursday, has affected company systems since September of last year.
Cloudflare fixes bug from September 2016 that leaked private user…
Cloudflare fixes bug from September 2016 that leaked private user info, says search engine caches have now been cleared of sensitive info – Service used by 5.5 million websites may have leaked passwords and authentication tokens. – Cloudflare, a service that helps optimize the security