UPDATE: Link to full details from the source. https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
In a major information security announcement earlier this week, it was revealed that CloudFlare (a large firewall and content distribution service) had been inadvertently leaking data from websites using its services. The data leaks apparently started in September 2016 and were finally discovered and mitigated on February 18, 2017.
Potential data exposure includes passwords, website cookies, personal information and a wide variety of other data points.
How Data Surfaced
The data leak was the result of roughly 3,400 websites in CloudFlare’s customer base becoming transmitters of random data from potentially ANY of CloudFlare’s 5.5M customer websites directly into pages and search results. Leaked data would appear as random garbage text/images within pages of the affected sites and within search result text on Google, DuckDuckGo, and other search engines.
What This Means
Anyone visiting any website which used CloudFlare during this time could have been a victim of data exposure. This includes major websites and services like Uber, Salesforce, Cisco, OkCupid, and many others.
Based on the depth and length of this leak, NetTech recommends changing passwords on important accounts and recycling logins on mobile devices. Logging out of apps and back in will reset session validation data that may have been exposed to third parties by such a leak.
NetTech has already recycled all of our hosted website user account sessions as one step to mitigate potential data exposure.
The breadth and impact of the data leaked as a result of this security hole may not be seen for weeks or months. We urge our customers, colleagues and friends to update their credentials on any accounts with access to financial or sensitive information.
An in-depth article explaining the details of the leak was written by WordFence, a WordPress cybersecurity provider, and is available at the link below:
The Hacker News channel on YCombinator has the latest insider comments on the leak and its potential impact: