A major content delivery network says a bug in its software has caused sensitive data to be leaked from customer websites. Cloudflare says data including passwords, cookies, and authentication tokens were leaked.
A Google security researcher found the leak, which started in September, last week and immediately reported it. Cloudflare has now fixed the problem, but the damage is done.
The service offers enhanced security and performance for more than five-million websites. Some of the popular apps an sites affected include Uber, 1Password, FitBit, and OKCupid. Among the info spilled onto the internet; "private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, and hotel bookings.”
Though no customers of the affected sites have been notified…and we don’t have a full list of the sites leaking data… experts recommend you change all passwords and monitor your credit report.Source: Fortune