The Money Mustache Community

Learning, Sharing, and Teaching => Ask a Mustachian => Topic started by: neo von retorch on February 24, 2017, 07:57:48 AM

Title: Have you heard about CloudBleed? And what can you do?
Post by: neo von retorch on February 24, 2017, 07:57:48 AM

What is it?
A major content delivery network, CloudFlare, has leaked information that could potentially affect hundreds of web sites. This information could include emails, usernames and passwords. Notable sites that MMM users might recognize: Betterment.com, DigitalOcean (MMM's primary host), Patreon.com and Uber.com
More information, up to date. (https://github.com/pirate/sites-using-cloudflare)

What can I do?
Make sure you have different passwords on any information you care about. It might be a good idea to change passwords at any of the above sites.

What else?
Anyone wiser than me - please contribute advice! It's possibly no real information was compromised, but today's a good day to take precautions.

Title: Re: Have you heard about CloudBleed? And what can you do?
Post by: katsiki on February 24, 2017, 08:01:44 AM

Thanks!  I had not heard about this.  So many leaks to keep track of these days.

Title: Re: Have you heard about CloudBleed? And what can you do?
Post by: Gondolin on February 24, 2017, 10:43:05 AM

Change all your passwords and don't reuse any passwords.

The full impact is unknown but, as leaks go this is a serious one. Unlike the typical "hackers broke into an organization and stole some data" leak, this event involved private information being exposed to arbitrary queries for months. Some of this info was then cached by search engines and left "in the wild" until things were fixed yesterday. Who knows who vacuumed it up in the meantime.