Tuesday, Feb 28, 2017

Cloudbleed! Cloudflare’s Major Bug Is Leaking Your Data

Even if you haven’t heard of Cloudflare, you’ve probably used their services. Ever hail an Uber? Track your every step with a FitBit? Go looking for love on OkCupid? These companies, and a few million more, use Cloudflare for speed enhancement and additional security for websites and mobile apps.

Cloudflare is an interesting company. They’ve found a niche by acting like a hosting provider without doing any actual hosting. Instead, they have a network of mirrors around the globe, ready to serve up an optimized, SSL-enabled version of your website. The result is a faster, more secure experience for your customers – when everything goes according to plan.

Cloudbleed is a bug in Cloudflare’s code that was discovered on February 17th. This flaw created a “memory leak” – a situation in which recently stored data on a server would be returned alongside the responses to new, legitimate requests for information. In other words, you might log on to Uber and find you’ve got someone else’s username and password on your screen too.

A memory leak can easily be exploited by hackers who can continually ping a server and then sift through the results for credit card numbers and other useful bits of data. To be fair, it doesn’t look like there was any malicious intent or criminal activity associated with Cloudbleed. However, data once leaked is data compromised forever. Even after the problem is fixed, there could still be sensitive information floating around the internet.

What to do?

If you’ve been using services that use Cloudflare, now is a great time to update those usernames and passwords. Also, keep an eye on credit card accounts that you’ve tied to ecommerce sites. Look for anything suspicious on your next statement. A full list of compromised sites is hard to compile, but here are a few links that list the most popular affected services:

http://www.digitaltrends.com/computing/cloudbleed-what-you-can-do/

https://github.com/pirate/sites-using-cloudflare

If you own a website or app that uses Cloudflare, life is a little more complex. First off, get in touch with Cloudflare to see if you were affected. If so, change your admin credentials and scour the web for information that might have been leaked – basically, start googling for your old private data. If you get any hits, you’re in trouble. At this point, you may need to bring in your web developer to re-write the way that your site authenticates user sessions, ensuring that old data won’t work for new visits to your site or mobile app.
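One way a developer might make old session data stop working, shown as an added example rather than code from Cloudflare or any affected site: rotate the signing key and reject every session token issued before a cutoff time. The token layout, key values, cutoff and function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import time

# Constructed values for illustration; a real site loads keys from a secret store.
OLD_KEY = b"constructed-key-in-use-during-the-leak"
NEW_KEY = b"constructed-key-rotated-after-the-fix"
# Constructed cutoff (Unix time): sessions issued before this are treated as exposed.
REVOKE_BEFORE = 1_700_000_000


def issue_token(user_id, key, issued_at=None):
    """Return 'user_id.issued_at.signature', signed with HMAC-SHA256."""
    issued_at = int(time.time()) if issued_at is None else int(issued_at)
    payload = f"{user_id}.{issued_at}"
    sig = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{sig}"


def validate_token(token, key=NEW_KEY, revoke_before=REVOKE_BEFORE,
                   max_age=86400, now=None):
    """Return the user id for an acceptable token, or None if it is rejected."""
    now = int(time.time()) if now is None else int(now)
    try:
        user_id, issued_str, sig = token.rsplit(".", 2)
        issued_at = int(issued_str)
    except ValueError:
        return None  # malformed token
    payload = f"{user_id}.{issued_str}"
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        return None  # signed with the retired key, or tampered with
    if issued_at < revoke_before:
        return None  # issued before the cutoff, so possibly leaked
    if not 0 <= now - issued_at <= max_age:
        return None  # expired, or timestamped in the future
    return user_id
```

Users holding a rejected token are simply sent back to the login page, where they receive a fresh token signed with the new key.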

Unsure about any of this? We’re here to work with you, double-check your data, and make sure that you and your customers are safe. Give us a call. Cyber security is a tricky business, and we’re committed to keeping you one step ahead of the next bug.