Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    cybersecurity efforts
    How Behavioral Analytics and AI Are Redefining Cybersecurity for Boca Raton Businesses
    14 Min Read
    data driven risk management in heatlhcare
    How Data Analytics Is Changing Healthcare Risk Management
    17 Min Read
    big data and customer service outsourcing
    How Data Analytics Improves Customer Service Outsourcing
    18 Min Read
    How a Specialized Marketing VA Improves Campaign Analytics
    How a Specialized Marketing VA Improves Campaign Analytics
    11 Min Read
    New Data Analytics Breakthroughs Give eCommerce Startups a Fighting Chance
    New Data Analytics Breakthroughs Give eCommerce Startups a Fighting Chance
    6 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: Cloudflare admits bug leaked customer data for months
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > Cloudflare admits bug leaked customer data for months
Security

Cloudflare admits bug leaked customer data for months

CIO Dive
CIO Dive
3 Min Read
Image
SHARE
  • Dive Brief:

    • Cloudflare announced Thursday that its edge servers leaked sensitive data — including customer passwords, cookies and authentication tokens — for months, according to a company blog post.
    • Cloudflare chief technology officer John Graham-Cumming said the company’s edge servers “were running past the end of a buffer and returning memory that contained private information,” admitting that the flaw “could have allowed anyone who noticed the error to collect a variety of very personal information that is typically encrypted or obscured.”
    • The content delivery network says the leak, which some are referring to as “Cloudbleed,”  may have been active as early as Sept. 22, 2016, though it was at its most severe between Feb. 13 and Feb. 18. During that time, around one in every 3.3 million HTTP requests to Cloudflare sites may have exposed data. The flaw was reported by a security researcher at Google’s Project Zero.

    Dive Insight:

    Well, it’s time to change your passwords. Again. Cloudflare offers services to more than 5 million websites and has large customers like Uber and OkCupid, so a data leak could potentially be devastating.

    Though Cloudflare moved quickly to fix the problem once it was informed about it, that still leaves a period of about five months when leaked private information could have been intercepted real time or cached by search engines.

    Cloudflare personnel say they don’t believe anyone has taken advantage of the leak. Nevertheless, users of the service may want to change their passwords, to ensure accounts are not compromised. Some Cloudflare customers, like Creative Commons and Change.org, are mandating users reset passwords even if they were not directly impacted.

    “Because our donor data did not touch the Cloudflare service, we do not believe it was ever at risk,” wrote Eric Steuer, director of content and community at Creative Commons. “Additionally, Cloudflare has contacted us directly and informed us that we are not among the sites they know of that were affected by the leak. Despite this, out of an abundance of caution, we are requiring all CCID users to reset their passwords.”


    This post originally appeared on our sister publication, CIO Dive. Our mission is to provide busy professionals like you with a bird’s-eye-view of the Information Technology industry in 60 seconds.

Share This Article
Facebook Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

Turning Monitoring Data Into Customer-Facing Incident Communication
Turning Monitoring Data Into Customer-Facing Incident Communication
Big Data Exclusive
business owner's dashboard
Eliminating Financial Blind Spots With A Business Owner’s Dashboard
Infographic News
reverse logistics
Reverse Logistics: Optimizing The Flow Of Returned Goods
Infographic
mapping hidden profits
Mapping Hidden Profit Leaks Across Distribution Operations
Business Rules Exclusive Infographic News

Stay Connected

1.2KFollowersLike
33.7KFollowersFollow
222FollowersPin

You Might also Like

data protection strategies
Big DataSecurity

End User Data Threats Businesses Can’t Ignore

6 Min Read
data breaches
Policy and Governance

How Hospital Security Breaches Devastate Local Communities

7 Min Read

A Quick Tech Tutorial: Two-Factor Authentication

3 Min Read

Social CRM Mainstreaming Continues With Hearsay

7 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

ai is improving the safety of cars
From Bolts to Bots: How AI Is Fortifying the Automotive Industry
Artificial Intelligence
ai chatbot
How AI Website Chatbots Improve Customer Support and Lead Generation
Chatbots Exclusive

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-26 SmartData Collective. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?