CloudFlare bug leaked sensitive information and passwords out in the wild

CloudFlare is an Internet security company that takes care of your sensitive information across various websites. Companies like Uber and OKCupid use it to protect their users from malicious people. But this time CloudFlare goofed up – what is said to be a bug has caused sensitive data like messages, cookies, usernames, and passwords to be randomly written in the code of other websites. And the terrifying truth is that this leaked info can be easily found through a simple Google search if you know what to search for.

Over 5.5 million websites use CloudFlare and chances are youre using at least of few of those on a daily basis. According to the company, the bug reared its ugly head in the middle of September 2016 and has been rampant right until last week. This means some of your passwords could be out there for grabs by someone who is interested in your credit card information that youve already filled on Uber or someone who may want to blackmail you with inappropriate messages from your OKCupid account.

CloudFlare also states in an official press release that it patched the bug in an hour after a Twitter user Travis Ormandy alarmed the security company. The fix took just 7 hours to implement globally.

We’re talking a rather serious leak here as the information is already cached by Googles search engines. This means you better change your passwords on all the websites you have sensitive information, and that does not include only the ones using CloudFlare.

The major issue that emerges after such debacle is can companies protecting our sensitive info step up their game or is the next password leak disaster behind the corner?

Source | Via