By Michael Neuman
Sensitive information such as passwords, cookies, and encryption keys have been leaked on the internet due to a security issue at the service provider CloudFlare. Backstop Solutions Group is not a client of CloudFlare, and is not affected by this security issue.
The problem, nicknamed “CloudBleed,” involved CloudFlare’s edge servers “running past the end of a buffer and returning memory that contained private information,” per CloudFlare CTO John Graham-Cumming. After intensive work, CloudFlare has resolved the issue.
We recommend that you monitor the sites that are being reported as having been affected by CloudBleed. If you see a site on the list that you or your company uses, it would best to change your password for that site as a precautionary measure. If you use the same password for all of your websites, we strongly recommend that you change all of those passwords, in case your private information with affected services has been compromised.
At Backstop, we take your security seriously, and we will continue to monitor the situation as it evolves. For more information, you may wish to read CloudFlare’s description of the problem and a summary article posted by Security Week.