Cloudflare, Cloudbleed – or 3,400 reasons of shit happens
Over the course of the last six months, Cloudflare bled a lot of sensitive data. The reason? A bug in its HTML-Parser that in the end impacted millions of websites. Beside other things, they offer DDoS protection and a CDN service. Due to the massive amount of affected websites it’s a rather important issue and it’s being referred to as ‘Cloudbleed’ – in reference to the 2012-2014 Heartbleed security bug.
What was this vulnerability on Cloudflare servers all about?
Since we’re late to the party we will spare you a long and complicated explanation and just recommend you watch the easily understandable video below from Newsy:
You want a longer and more in-depth article on the whole issue? Then head over to CloudFlare and take a look at their write-up.
Why should you care?
Cloudflare is a popular service used by thousands of websites. You probably know 4chan.org, uber.com, yelp.com, zendesk.com, medium.com, pastebin.com, glassdoor.com, bitcoin.de, fitbit.com, porntube.com, or 1password.com? There are more – lots more of affected sites. It is very likely that you have an account with at least one of them. Just take a look at this list containing ~3,400 websites which might have been affected by the Cloudflare leak. Spoiler warning: If you’re looking for Avira you won’t find it there.
All in all there is no reason for you to panic though. You might not even be at risk, heck, it’s unclear if any data was stolen/the issue exploited at all before the bug was finally found. Then again remember the massive amount of big names you just saw in the above list. If you want to be really sure that your password is safe, you might want to consider – as a precautionary measure – to change your login credentials. Especially if you’re using the same password for more than one account. And please, don’t use one of these.
Make your life easier
If you are like me you’re having a hard time remembering passwords or coming up with a good system for them. You then might start using the same two or three ones for all your online accounts – because come on: bad stuff only happens to other people, right? Wrong: With a bug like Cloudbleed everyone with an account on one of the affected websites can potentially become a victim. Sure, it’s reasonable to think that nothing at all will happen, but what if? There is a very easy way to make sure you stay secure from falling into that trap: A simple Password Manager. Our Avira Password Manager solves your password hassle and creates secure passwords which are unique for each account. You’re welcome! 😉