BEACON TRANSCRIPT – On Thursday, Cloudflare revealed that they had a bug in their security systems that might have caused the leaking of information from thousands of sites. This information might contain personal data. Some of the sites in question include Fitbit, Uber, or OKCupid.
Tavis Ormandy, a Google security expert, was the first that noticed the problem and reported it to Cloudflare on February 18th. However, Cloudflare declared that the service had been leaking information for months and allowed the search engines to pick it up.
However, they declared that only a small part of the 5.5 million sites that use their services had been affected. Unfortunately, there is no comprehensive list available of all the sites that have been affected and some of the sites presented as victims of the information leakage might have actually been safe.
Since there is not clear which sites had information leaking and which did not, users are advised to change their passwords on any site and be precautious. Matthew Green, computer science professor at Johns Hopkins University, said that most users had probably not been affected, but it’s better if they take all the necessary precautions.
Cloudflare posted a technical explanation on their blog. They said that they were trying to switch from an older code to a new one. When they ran both at the same time, issues arose that caused a data leak. Now, they declared they had fixed the problem and now were working on getting the affected pages away from search engines.
They also declared that there was no record of this data they leaked to have been used in malicious ways, but other security experts tell that this is not so easy to find out.
Anyway, people should keep in mind two things regarding the internet. The first one is the existence of companies that create products which run the internet without many users even knowing they exist. Cloudflare is part of these companies that messaging services, banks, or retailers use for security.
Also, the internet is not so neat as many may think. Taking this example, we have seen that it is rather chaotic. A small mistake that occurred at Cloudflare caused millions of people to be affected.
People should be aware that the internet is quite a vulnerable place and everything might be in danger of being leaked or used for different purposes.
Image Source: Flickr