Cloudbleed Exploit Exposed: Change All Your Passwords Right Now

Change all your passwords right now. We aren't kidding when we say that this new leak being dubbed "Cloudbleed" has compromised thousands of websites and their accounts. 

Most notably is is Uber, the ride-share app that many of you probably use. This vulnerability is massive and researchers don't yet know the extent of the leak or the full list of the sites that have been compromised.

Alongside Uber we also know that sites such as OkCupid, Yelp, Fitbit, Patreon, Firebr and Authy has been compromised, having user information exposed, including credit card and email accounts. 

The current list of sites that have be potentially compromised is longer than we can even list (it's potentially thousands) but if you want to check your accounts you can keep up to date via this long list of sites that is constantly being updated.

This Cloudbleed leak is more than just accessing of basic account information like other leaks before it. The leaks has exposed a ton of information on users including private messages via compromised dating sites, hotel bookings, emails through sites, credit card information and other personal information. 

The leak was officially announced Thursday night (2/23/17), and called out an error in the code they use that lead to a "buffer overrun" that lead to their service being compromised. Cloudflare stated that they quickly identified the issue once it has come to light.

The leak was caught by a member working for Google's Project Zero team while running checks on the Google Edge Network going through the Cloudflare network. This was noted and Cloudflare was made aware of the issue last Friday.

But the real concern is that the leak may have begun back on September 22nd of 2016. Again, the extent of this leak will not ne known for some time, so to be safe users should change their passwords across all their accounts. Enabling 2 factor authentication is also recommended where possible. 

It should be noted that Cloudflare has fixed the issue, but there is a problem with search engines as many of them offer cached versions of sites and thus the information may still be at risk and out there.

The information that Ormandy was able to pull up with little work is pretty shocking. He stated that users have good reason to fear as several password manager sites have also been compromised. He was also seeing passwords, keys and messages from a well-known chat service.

Ormandy stated that he worked with Cloudflare to quickly resolve the issue and stated that he is unsure what information specifically was compromised. There is the possibility that nothing was taken, or that the leak was even noticed by nefarious parties. 

It should be noted that Ormandy does think that other crawlers on the internet have, in fact, collected the same data that he did. There is also the possibility that people may have cached content out there without even knowing it, or knowing what they have.

So, again, change all your passwords and set up the strongest security that you possibly can just to be safe.