A software bug discovered in Cloudflare, a popular web performance and security company, may have compromised the security of over 5 million websites, including Fitbit, Uber, and OK Cupid.
If you have or had accounts on Fitbit, Uber, Ok Cupid, Medium, or Yelp, you should probably change your passwords. In a blog post published on Thursday, the web performance and security company Cloudflare claimed that it has fixed a critical bug, discovered over the weekend, that had been leaking sensitive information such as website passwords in plain text from September 2016 to February 2017. Over 5.5 million websites use Cloudflare, including Fitbit, Uber, Ok Cupid, Medium, and Yelp.
Some website sessions accessed through HTTPS, a secure web protocol that encrypts data sent to and from a page, have been compromised as a result, and what makes the bug particularly serious is that some search engines (like Bing, Google, and DuckDuckGo) cached, or saved, a variety of the leaked data for some time. This data isn't easy for an non-technical person to find, but for someone with knowledge of how to craft specific queries for affected websites' leaked data on search engines, it was well within their reach.
Thomas Trutschel / Getty Images
from BuzzFeed - Tech https://www.buzzfeed.com/nicolenguyen/cloudflare-hack-2017-change-your-passwords?utm_term=4ldqpia
No comments:
Post a Comment