ALERT! Wide Impact: Cloudflare Data Leak. How to Secure your Site

Danielx64 (Developer; joined Nov 8, 2009; 3,300 messages)

This email came in about 15 mins ago:

This is an unscheduled announcement that we are sending this evening to address an urgent issue which became public a few hours ago. There has been a serious data leak that affects all Cloudflare customer websites and their site visitors.

It was just announced that for the past 5 months, in certain cases sensitive data being sent from a Cloudflare customer website to a site visitor has been mixed with data being sent to visitors of completely different websites.

This issue was reported to Cloudflare last Saturday by a Google researcher. They have been working frantically since then to fix it.

This data leak was announced several hours ago on the Google Project Zero mailing list and on the Cloudflare blog. Some of the leaked data has been indexed by search engines who have been working to scrub the data from their caches.

To help explain the issue and help you secure your website, we have published details of what occurred and how to secure your website in case you have been affected by this data leak.

You can find the full post on our blog....

Regards,



Mark Maunder
Wordfence Founder & CEO

More info:
https://www.wordfence.com/blog/2017/02/cloudflare-data-leak/
https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
 

zappaDPJ (Moderator; joined Aug 26, 2010; 8,450 messages)

Wow! I wonder what 0.00003% of HTTP requests equates to in real money. I suspect it's a whole lot more than that figure suggests.
 

pierce (Habitué; joined Apr 10, 2016; 1,165 messages)

cloudflare said:
Your domain is not one of the domains where we have discovered exposed data in any third party caches. The bug has been patched so it is no longer leaking data. However, we continue to work with these caches to review their records and help them purge any exposed data we find. If we discover any data leaked about your domains during this search, we will reach out to you directly and provide you full details of what we have found.

150 domains affected out of hundreds of thousands?
 