A new type of data leak has come to light that could impact millions of people around the globe.

Google Project Zero, the research effort to find and fix critical software security flaws, reported that a vulnerability on the Cloudflare security service could enable the leak of passwords and data.

According to Cloudflare, the flaw could have allowed leaks of sensitive data from thousands of websites over a six-month period.

This incident has been dubbed Cloudbleed by some people in the cyber-security community because the threat was potentially as serious as the “Heartbleed” OpenSSL cryptography flaw that was reported in 2014 which posed a serious security threat to thousands of websites.

Cloudflare says it has patched the data leak flaw and moved quickly to purge any leaked data that may have circulated on search engines. While the full scope of the Cloudflare leak and exactly how many users were affected hasn’t been disclosed, this is the latest in a string of recent data privacy threats to affect internet users worldwide.

This slide show provides more details about the cause of the flaw and discusses why Cloudbleed is a serious problem.

Leave a Reply