Cloudflare Bleeds Sensitive Data All Over The Internet

A coding error led to chunks of potentially sensitive data ending up unsecured on different websites.
Cloudflare Bleeds Sensitive Data All Over The Internet

You'd better change your passwords. The internet has suffered another major data leak.

Today's victim is Cloudflare, a web security and data management company that runs a sizable chunk of the internet's infrastructure.

The trouble lies in how Cloudflare processed HTML pages, which required information to be stored temporarily in a buffer. A bug caused Cloudflare's buffer to overflow, and the extra data was dumped unsecured on other websites.

The Google researcher who reported the bug was able to grab chunks of sensitive info from companies like Uber, OKCupid and FitBit. He even gave the whole thing a name: Cloudbleed, after another famous bug.

Cloudflare says the bug only hit one out of every 3.3 million page requests during the biggest period of impact. It's hard to pin down what information was actually affected by the leak or whether anyone was able to exploit it. 

But given the potential types of data leaked and the range of companies potentially affected, it's probably better to play it safe and change your passwords.

Featured Stories
Former President Barack Obama

The Fight To Repeal Obamacare Might Not Be Over

Jarred Vanderbilt after winning the FIBA Championship

This Top-25 High School Basketball Player Told Us Why He's Next Up

A lesbian couple hold hands during a gay Pride rally.

LGBTQ Groups Are Upset The 2020 Census Is Leaving Them Out