Many of you many not be aware of Cloudflare which is one of the biggest Internet security companies in the world whose services are used by literally millions. Recently, security researcher Tavis Ormandy discovered a massive vulnerability in Cloudflare’s code that for six months has been leaking massive amounts of data including passwords and personal information across the Internet.
Among the many companies that use Cloudflare’s services are Uber, OKCupid and FitBit. The code vulnerability has been fixed and at this time we do not know if hackers had already exploited the vulnerability and stolen the massive amounts of data affected by the leak, however some of the data is available through search engines such as Google and Yahoo and it will take a while for Cloudflare to purge the data from the caches readily available through search engines. Quite frankly everyone is in jeopardy due to this data leak.
This incident, once again, reminds us all that we are only as secure as the places that have our personal information with the weakest security. This is probably a good time to consider changing your passwords and as an extra security measure add dual factor authentication to whatever accounts you use that offer it.