Distributed domain namer server and content delivery service Cloudflare is currently dealing with the fallout of a recent security breach that leaks the passwords, cookies, chat logs, encryption keys of big name providers such as OkCupid, Uber, FitBit, Github along many others.
According to Cloudflare, the service was hit by the result of a Buffer Overflow pointer error that led to a chain of events that’s akin to “going to a restaurant and upon ordering the menu, being received the last orders bill and and wallet contents”. Cloudflare was quick to exclaim that customer’s private SSL keys were not targeted by the leak and identified the problem lying with Cloudflare’s use of the same HTTP parser chain; even going so far to turn off Automatic HTTPS rewrites, Email obfuscation and Server-Side excludes features for the time being. Cloudflare also took effort to work with search giants such as Google, Microsoft’s Bing, Yahoo among others to search and wipe out from the engine any instances of cached HTTP responses.
On the bright side of things, after being approached by Google security researcher Tavis Ormandy, Cloudflare was able to fix the bug internally within 44 minutes and still managed to let their customers know of the error but the fact also remains that Cloudbleed could have impacted the websites since as back as September. Thus, users of some of these websites should keep an eye out for news of password resets and additional news on a site-by-site basis about just what was affected .
Overall, “Cloudbleed” lets us know that sometimes small bugs can lead to big repercussions. The last big scare similar to this was likely “Heartbleed” but at the present moment, seems to impact the average individual a little less personal. That being said, if any consumer has reused passwords between any of those websites (and even unaffected websites) then perhaps a more malicious phising attack could occur. Thus, a quick reminder to use unique passwords or a password manager or even 2-factor authentication can help you stay more secure in the event of a future attack on passwords.
If you are curious if one of the websites you use was affected by Cloudbleed please check: