Ask Slashdot: How Are You Responding To Cloudbleed?

Posted on by

An anonymous IT geek writes:
Cloudflare-hosted web sites have been leaking data as far back as September, according to Gizmodo, which reports that at least Cloudflare “acted fast” when the leak was discovered, closing the hole within 44 minutes, and working with search engines to purge their caches. (Though apparently some of it is still lingering…) Cloudflare CEO Matthew Prince “claims that there was no detectable uptick in requests to Cloudflare-powered websites from September of last year…until today. That means the company is fairly confident hackers didn’t discover the vulnerability before Google’s researchers did.”
And the company’s CTO also told Reuters that “We’ve seen absolutely no evidence that this has been exploited. It’s very unlikely that someone has got this information… We do not know of anybody who has had a security problem as a result of this.” Nevertheless, Fortune warns that “So many sites were vulnerable that it doesn’t make sense to review the list and change passwords on a case-by-case basis.” Some sites are now even resetting every user’s password as a precaution, while site operators “are also being advised to wipe their sites’ cookies and security certificates, and perform their own web searches to see if site data leaked.” But I’d like to know what security precautions are being taken by Slashdot’s readers?
Leave your own answers in the comments. How did you respond to Cloudbleed?

Read more of this story at Slashdot.



Source: Slashdot – Ask Slashdot: How Are You Responding To Cloudbleed?