Scam of the day – February 26, 2017 – Data leak at Cloudflare threatens everyone

Many of you many not be aware of Cloudflare which is one of the biggest Internet security companies in the world whose services are used by literally millions.  Recently, security researcher Tavis Ormandy discovered a massive vulnerability in Cloudflare’s code that for six months has been leaking massive amounts of data including passwords and personal information across the Internet.

Among the many companies that use Cloudflare’s services are Uber, OKCupid and FitBit.  The code vulnerability has been fixed and at this time we do not know if hackers had already exploited the vulnerability and stolen the massive amounts of data affected by the leak, however some of the data  is available through search engines such as Google and Yahoo and it will take a while for Cloudflare to purge the data from the caches readily available through search engines.  Quite frankly everyone is in jeopardy due to this data leak.

TIPS

This incident, once again, reminds us all that we are only as secure as the places that have our personal information with the weakest security.  This is probably a good time to consider changing your passwords and as an extra security measure add dual factor authentication to whatever accounts you use that offer it.

2 thoughts on “Scam of the day – February 26, 2017 – Data leak at Cloudflare threatens everyone”

    1. Unfortunately, we are. At this point in time we don’t know which accounts were affected and the risk could be considered too great not to change your passwords. Security experts are somewhat split on this one with some saying everyone should take this opportunity to switch to dual factor authentication when possible as well as change passwords generally. Other experts are saying that there is no evidence that the leaked information has been obtained by cybercriminals and that security people at Cloudflare have already patched the problem.

Leave a Reply

Your email address will not be published. Required fields are marked *