Bitcoin Forum
October 19, 2017, 09:34:06 AM *
News: Latest stable version of Bitcoin Core: 0.15.0.1  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Massive CloudFlare Leak, CloudBleed (Affected website list)  (Read 327 times)
vodaljepa
Hero Member
*****
Offline Offline

Activity: 658


View Profile
February 28, 2017, 01:14:01 AM
 #1

Not sure if you guys heard but cloudflare recently had a massive leak in it's https code exposing sensitive data
Here is the actual report from cloudflare https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/

Here is a list of the affected websites, as you can see coinbase, blockchain, localbitcoins are on the list, I would highly advise you to change your password on those websites
https://github.com/pirate/sites-using-cloudflare/blob/master/README.md

Hottest Girls On Webcam Naked - Naughty Cams
1508405646
Hero Member
*
Offline Offline

Posts: 1508405646

View Profile Personal Message (Offline)

Ignore
1508405646
Reply with quote  #2

1508405646
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1508405646
Hero Member
*
Offline Offline

Posts: 1508405646

View Profile Personal Message (Offline)

Ignore
1508405646
Reply with quote  #2

1508405646
Report to moderator
1508405646
Hero Member
*
Offline Offline

Posts: 1508405646

View Profile Personal Message (Offline)

Ignore
1508405646
Reply with quote  #2

1508405646
Report to moderator
1508405646
Hero Member
*
Offline Offline

Posts: 1508405646

View Profile Personal Message (Offline)

Ignore
1508405646
Reply with quote  #2

1508405646
Report to moderator
FiiNALiZE
Hero Member
*****
Offline Offline

Activity: 532



View Profile
February 28, 2017, 01:26:58 AM
 #2

Thanks for the list. I am sure that there is a large quantity of people that want to know what websites other than Bitcoin was affected by the CloudBleed scam.

There is a Bitcointalk member that gathered most of the websites within the list for the other members viewing just so they could change their passwords & 2 FA's.

The link is found in here: https://bitcointalk.org/index.php?topic=1803933.0


With the proper knowledge of Ddos management and security, things like these could be prevented. Since most websites are on a third-party host, this was expected to happen so I am not surprised that they attacked so soon.

arcanaaerobics
Sr. Member
****
Offline Offline

Activity: 364


View Profile
February 28, 2017, 01:31:46 AM
 #3

Everybody was saying stay calm because there was only 0.0009% leakage of customer data was stolen.
I even had a post deleted about this stupid case of affairs. Angry
What a complete failure of common sense by all the companies who were involved with the leaked data of their customers and an utter disgrace of security of the internet confidentially as a whole. Roll Eyes
They are trying to cover now how much of a big deal this in a way to not lose customer's. How really pathetic! Lips sealed
Luviasst
Newbie
*
Offline Offline

Activity: 11


View Profile
February 28, 2017, 04:42:49 AM
 #4

Change your password ASAP Wink
Mia Wallace
Full Member
***
Offline Offline

Activity: 218


View Profile
February 28, 2017, 05:33:52 AM
 #5

Everybody was saying stay calm because there was only 0.0009% leakage of customer data was stolen.
I even had a post deleted about this stupid case of affairs. Angry
What a complete failure of common sense by all the companies who were involved with the leaked data of their customers and an utter disgrace of security of the internet confidentially as a whole. Roll Eyes
They are trying to cover now how much of a big deal this in a way to not lose customer's. How really pathetic! Lips sealed
It is not a minor leak by any means as most of the websites are routing their traffic through cloud flare which is in fact a dangerous practice in the first place because all the sensitive information are being routed through a third person and if i am the owner i would not want a third person interference rather i would take care of the problem myself than trusting a third person.
arcanaaerobics
Sr. Member
****
Offline Offline

Activity: 364


View Profile
February 28, 2017, 02:57:45 PM
 #6

Everybody was saying stay calm because there was only 0.0009% leakage of customer data was stolen.
I even had a post deleted about this stupid case of affairs. Angry
What a complete failure of common sense by all the companies who were involved with the leaked data of their customers and an utter disgrace of security of the internet confidentially as a whole. Roll Eyes
They are trying to cover now how much of a big deal this in a way to not lose customer's. How really pathetic! Lips sealed
It is not a minor leak by any means as most of the websites are routing their traffic through cloud flare which is in fact a dangerous practice in the first place because all the sensitive information are being routed through a third person and if i am the owner i would not want a third person interference rather i would take care of the problem myself than trusting a third person.
Exactly!
People don't know the logistics of how severe this was and still is for their online accounts who used all these sites.
They are down playing it so none of them lose any of their customer's loyalty and switch to sites that don't route that traffic to a third party website.

Very bad for everybody who touch these sites with cookies involved in tracing your location and your login details.
Casinos included because as you notice they know it is you even if you create a completely new account on their site, they still know it is you.  Wink
Go ahead just try it. You might be very surprised what details they steal from you with out you knowing you gave your approval on doing that and any such acceptance in allowing access to do it.

There are several authorities to which you can report phishing websites. Most importantly though, report it to Google and Mozilla so browsers can protect their users.
mike1183
Jr. Member
*
Offline Offline

Activity: 42


View Profile
February 28, 2017, 03:02:03 PM
 #7

Everybody was saying stay calm because there was only 0.0009% leakage of customer data was stolen.
I even had a post deleted about this stupid case of affairs. Angry
What a complete failure of common sense by all the companies who were involved with the leaked data of their customers and an utter disgrace of security of the internet confidentially as a whole. Roll Eyes
They are trying to cover now how much of a big deal this in a way to not lose customer's. How really pathetic! Lips sealed
It is not a minor leak by any means as most of the websites are routing their traffic through cloud flare which is in fact a dangerous practice in the first place because all the sensitive information are being routed through a third person and if i am the owner i would not want a third person interference rather i would take care of the problem myself than trusting a third person.

Been following the Cloudbleed leak and it shows horrible ignorance by these websites, I mean I would accept it if these were small blogs and would be willing to endanger logins (unrelated to money in anyway) for cheaper hosting. But for websites like Uber to route users info through a third party shouldn't be acceptable.

Quote
coinbase, blockchain, localbitcoins

Are dealing with millions, particularly Coinbase. and sensitive data is at risk "without even a hacker involvement"...
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!