Cloudflare admits bug leaked customer data for months

Dive Brief:

Cloudflare announced Thursday that its edge servers leaked sensitive data — including customer passwords, cookies and authentication tokens — for months, according to a company blog post.
Cloudflare chief technology officer John Graham-Cumming said the c

Dive Brief:
- Cloudflare announced Thursday that its edge servers leaked sensitive data — including customer passwords, cookies and authentication tokens — for months, according to a company blog post.
- Cloudflare chief technology officer John Graham-Cumming said the company’s edge servers “were running past the end of a buffer and returning memory that contained private information,” admitting that the flaw “could have allowed anyone who noticed the error to collect a variety of very personal information that is typically encrypted or obscured.”
- The content delivery network says the leak, which some are referring to as “Cloudbleed,” may have been active as early as Sept. 22, 2016, though it was at its most severe between Feb. 13 and Feb. 18. During that time, around one in every 3.3 million HTTP requests to Cloudflare sites may have exposed data. The flaw was reported by a security researcher at Google’s Project Zero.
Dive Insight:
Well, it’s time to change your passwords. Again. Cloudflare offers services to more than 5 million websites and has large customers like Uber and OkCupid, so a data leak could potentially be devastating.
Though Cloudflare moved quickly to fix the problem once it was informed about it, that still leaves a period of about five months when leaked private information could have been intercepted real time or cached by search engines.
Cloudflare personnel say they don’t believe anyone has taken advantage of the leak. Nevertheless, users of the service may want to change their passwords, to ensure accounts are not compromised. Some Cloudflare customers, like Creative Commons and Change.org, are mandating users reset passwords even if they were not directly impacted.
“Because our donor data did not touch the Cloudflare service, we do not believe it was ever at risk,” wrote Eric Steuer, director of content and community at Creative Commons. “Additionally, Cloudflare has contacted us directly and informed us that we are not among the sites they know of that were affected by the leak. Despite this, out of an abundance of caution, we are requiring all CCID users to reset their passwords.”

This post originally appeared on our sister publication, CIO Dive. Our mission is to provide busy professionals like you with a bird’s-eye-view of the Information Technology industry in 60 seconds. To subscribe to our daily newsletter click here.

You must log in to post a comment.

5 Ways Big Data is Transforming Customer Service

Data Mining Can Be a Game Changer for Small Businesses

Modern Mac Malware Is Worse Than Your Wildest Dreams

The World of Digital Marketing Has Certainly Evolved

Education and the Blockchain – Should We be Teaching Blockchain in Schools?

Leveraging Data with Business Intelligence Analytics Tools

How the Internet of Things is Changing Big Data Analytics

Can Business Intelligence Answer the Questions Asked of it Without Big Data?

6 Ways Big Data Analytics Is Changing the E-Commerce Industry

How to Overcome Data Visualisation Problems

Current Landscape and Applications of Blockchain Explained

How Big Data Is Driving Airline Loyalty Programs

The Enterprise Graph – From Connections To Customer Insights

Can Smart Data Ensure Cybersecurity and Data Protection?

5 Ways Big Data Is Transforming Finance

Big Data is Cutting Spreads and Making Forex Trading More Cost-Effective

Why Every College Student Should Study Predictive Analytics

Dark Data: The hidden billion dollar opportunity

Quality vs Quantity in Customer Service Analytics

4 Customer Retention Metrics for Data-Driven Ecommerce

Emotions: The Next (but not new) Frontier in Artificial Intelligence & Cognitive Computing

Predicting Airline Loyalty Churn – Cathay Pacific Marco Polo [Case Study]

How big data is affecting social media metrics and Facebook ad strategies

Report: Brands Use Advanced Analytics to Reach Double Digit Growth

Dark Data: The hidden billion dollar opportunity

Predicting Airline Loyalty Churn – Cathay Pacific Marco Polo [Case Study]

How to Be a Text Analytics Rock Star in your Organization

Text Analytics: It’s Not Just for BIG Data

The Smart Data Lake Imperative

Data-Driven Facts for Better Blogging

How to Make Site Search a Conversion Tool

Get The Best Out Of Your Marketing Strategy By Integrating Analytics

The Types of Simple Queries Businesses Need to Ask that Spark Growth

How Did Big Data Create a Modern Day Manufacturing Workforce?

The 7 Biggest Data Trends to Watch in Finance for 2017

Taking Data Visibility to the Office Walls

What Led to the Recent Huge Buzz Around Analytics?

How Can Big Data Solve the Challenges of E-Commerce Personalization?

5 Ways Big Data is Transforming Customer Service

Leveraging Data with Business Intelligence Analytics Tools

Data Mining Can Be a Game Changer for Small Businesses

Data Mining Can Be a Game Changer for Small Businesses

Overcoming the Challenges of Big Data Clustering

5 Challenges Your Company Has to Overcome to Succeed in Data Mining

The Data Is In: Finding Affordable Car Loans

Can Smart Data Ensure Cybersecurity and Data Protection?

How to Overcome Data Visualisation Problems

How Human Centered Design and Big Data Are Merging in 2017

How to Scale Your Big Data Project Effectively

How to Overcome Data Visualisation Problems

Data Driven: 5 Ways Automakers Use Big Data to Improve Their Products

Taking Data Visibility to the Office Walls

6 Key Capabilities an Embeddable Analytics Software Should Deliver

Dropbox or Box – Which Cloud Storage For Small Businesses

Overcoming the Challenges of Big Data Clustering

What is an Enterprise Data Warehouse?

How Much Is Data Center Downtime Costing You?

Social Media and Big Data Are Creating a New Generation of Millionaires

Can Smart Data Ensure Cybersecurity and Data Protection?

Predicting Airline Loyalty Churn – Cathay Pacific Marco Polo [Case Study]

Are Instagram Stories a Big Data Goldmine?

The 7 Biggest Data Trends to Watch in Finance for 2017

Data Driven: 5 Ways Automakers Use Big Data to Improve Their Products

Thinking Efficiency: IT, OT, And The Issue Of Migration

Is Big Data Security Still Lacking?

Leveraging Data with Business Intelligence Analytics Tools

How to Apply Agile Marketing Strategies to Data Driven Enterprises

Robots Could Hold Nearly 40 Percent of American Jobs by Early 2030s

Data Mining Can Be a Game Changer for Small Businesses

Robots Could Hold Nearly 40 Percent of American Jobs by Early 2030s

Big Data is Leading the Fight Against Fake News

Keep calm, AI is not About to Make Marketers Obsolete

Musk vs. Zuckerberg: Who’s Right About AI?

The Enterprise Graph – From Connections To Customer Insights

Will Predictive Analytics and POS Save Small Retailers from Extinction?

Leveraging The Cloud, New Technology and Video To Effectively Manage A Growing Global Workforce

In a World Full of Data, Can Analytics See the Market Trends?

Key Points from Microsoft Dynamics 365 Tech Conference

Customer Feedback and Data Analysis: The Keys to a Good Customer Retention Rate

How Businesses Can Profit From Mobile Apps