Cloudbleed bug could have leaked data from 1000s of sites

Posted: Updated:
Credit: Flickr Commons Credit: Flickr Commons

(MEREDITH) -- It’s being called Cloudbleed, and it’s the latest leak to potentially expose user data from multiple sites. While you might not use Cloudflare, the source of the data leak, you might use sites that do. Change your passwords, now.

It’s still early in the investigations of the data leak, and no definitive list of compromised sites has been released to this point. Many are taking it upon themselves to notify their users of a potential security breach, so take heed if you see a notice from a site you use.

Google’s Project Zero security analysis team discovered Cloudbleed on February 18th, and so far Cloudflare is saying the majority of the data leak occurred between Feb. 13 and Feb. 18, with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage.“

Keep an eye on Cloudbleed as more information becomes available, and make sure to change your passwords if you believe some of your accounts might have been compromised. For Cloudflare’s rundown of the data leak, check out their blog post detailing their investigation.

To this point, no news has been good news. Cloudflare hasn't seen any malicious use of user information. 

Copyright 2017 (Meredith Corporation). All rights reserved.