Reports of a huge memory leak from web services and security company, Cloudflare. It’s been revealed that their user data from thousands of websites may have been leaked.
Although a lot still has to be discovered about the leak, which is being called Cloudbleed now– and it is not a sequel of Heartbleed bug of 2014. The leaked user data was cached by the search engines meaning that once it was indexed, the hackers may have scraped it and stored that data.
The leak was caught by a member of Google’s security team, Tavis Ormandy, during their Project Zero on February 18th. Cloudflare has exhaustively mentioned the details of the bust and patch up in a blog post.
“the greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage.”
Despite the fact that there has been no official list of the sites affected, many services are still asking their users to change their login credentials. A Github user did speculate on the list of sites affected, along with the note that
“just because a domain is on the list does not mean the site is compromised, and sites may be compromised that do not appear on this list.”
The Github user claims that up to 4,287,625 sites may be at risk, while Cloudflare itself has admitted to over 1000 compromised domains.
Even sites like Authy have made to the list. Its presence in the list indicates that even accounts protected by a 2-step authentication may be at risk of being affected.
The Cloudflare post notes,
“We have also not discovered any evidence of malicious exploits of the bug,”
Below is the list of some of the sites that may have been compromised. If you have an account on any of these or from this Github list, we suggested you change your passwords.