Serious Cloudflare bug exposed a potpourri of secret customer data

28 02 2017
Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords, and cookies and tokens used to authenticate users.

A combination of factors made the bug particularly severe. First, the leakage may have been active since September 22, nearly five months before it was discovered, although the greatest period of impact was from February 13 and February 18. Second, some of the highly sensitive data that was leaked was cached by Google and other search engines. The result was that for the entire time the bug was active, hackers had the ability to access the data in real-time, by making Web requests to affected websites, and to access some of the leaked data later by crafting queries on search engines.

 

more

The content in this post was found at https://arstechnica.com/security/2017/02/serious-cloudflare-bug-exposed-a-potpourri-of-secret-customer-data/ and was not authored by the moderators of privacynnewmedia.com. Clicking the title link will take you to the source of the post. and was not authored by the moderators of privacynnewmedia.com. Clicking the title link will take you to the source of the post.

Powered by WPeMatico

« »


Actions

Informations