Data breaches aren’t caused only by criminals or malicious employees. In the recent case of Cloudflare, a misconfigured section of code led to potentially millions of records being exposed. Cloudflare provides content delivery and internet security services to millions of websites, including popular sites such as Uber, Fitbit, and OkCupid. The breach occurred because of a buffer overflow, which allowed information from previous browsing sessions to be carried over into other sessions, potentially revealing personal information and passwords.
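To show how one session's data can bleed into another through a buffer bug, here is an added toy example (not Cloudflare's code): a constructed tag rewriter that reuses one scratch buffer across requests, with its unbounded scan beside the bounded fix.

```c
#include <stdio.h>
#include <string.h>

/* A proxy reuses one scratch buffer for every request it rewrites, so
 * bytes from the previous request stay behind. Constructed toy model,
 * not Cloudflare's parser. */
#define BUF_SIZE 64
static char scratch[BUF_SIZE];   /* shared across requests, never cleared */
static char last_out[BUF_SIZE];  /* what the rewriter emitted last */

/* Copy a request body into the scratch buffer without clearing the tail. */
static void load_request(const char *body) {
    memcpy(scratch, body, strlen(body));
}

/* Rewriter: copy from the scratch buffer up to the '>' that closes a tag.
 * With fixed == 0 the scan trusts the input to contain a terminator and is
 * bounded only by the buffer size, so a body that ends early runs the scan
 * into the previous request's leftovers (the pattern behind Cloudbleed).
 * With fixed != 0 the scan is also bounded by the current body's length. */
static size_t rewrite_tag(const char *body, int fixed) {
    size_t limit = BUF_SIZE - 1;
    if (fixed && strlen(body) < limit)
        limit = strlen(body);
    load_request(body);
    size_t n = 0;
    while (n < limit && scratch[n] != '>') {
        last_out[n] = scratch[n];
        n++;
    }
    last_out[n] = '\0';
    return n;
}

/* Two-request replay: a complete tag, then a truncated one.
 * Returns the byte count emitted for the truncated request. */
static size_t replay(int fixed) {
    memset(scratch, 0, sizeof scratch);
    rewrite_tag("<a href=secret_token_ABC>", fixed);  /* request 1 */
    return rewrite_tag("<img src=x", fixed);          /* request 2, no '>' */
}

int main(void) {
    size_t n = replay(0);
    printf("vulnerable emitted %zu bytes: %s\n", n, last_out);
    n = replay(1);
    printf("fixed emitted %zu bytes: %s\n", n, last_out);
    return 0;
}
```

The vulnerable run emits the second request followed by the tail of the first one's token; the fixed run stops at the end of the current request.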
The breach, dubbed “Cloudbleed”, was discovered by Tavis Ormandy, a Google researcher specializing in finding bugs in code. He notified Cloudflare the same day (February 18), and the company immediately took steps to resolve the issue. On February 23, Cloudflare posted an incident report on their blog, and said that the issue was resolved within 7 hours of being notified of the problem by Google. This remarkable turnaround time is an achievement, since the usual mitigation time for this kind of incident is 3 months, according to the blog post.
What should consumers do? While no known exploit of Cloudbleed currently exists, the potential level of exposure means that it’s only prudent to take precautions to secure your data. A handy website now exists that can tell you if a given website uses Cloudflare, or you can check a list posted to GitHub.
Since many of the affected sites had customer login portals, changing your passwords for all accounts is highly recommended. Using a password manager to create and store strong and unique passwords for every site is the easiest way to manage login security. Given the pace and scope of data breaches, it’s clear that the best defense for securing your data is a unique, strong password for every website. Reusing passwords between websites, while seemingly easier to manage, means that one website being compromised could lead to your entire digital life becoming exposed.