Cloudflare Data Leak: How to Protect Your Personal Data
Cloudflare, a California-based web services company, recently reported that their servers leaked personal data from websites it services. According to the Consumerist, “more than 5.5 million websites in some way use Cloudflare services… including Yelp, OK Cupid, Uber, Medium, Fitbit, Patreon, Y Combinator, Feedly” and possibly others. The data leaked may include private messages, authentication tokens, passwords and other sensitive data.
Once it became aware of the problem, the company acted quickly to correct the code that lead to the leak and delete any leaked data it was able to cache with the help of Yahoo, Google, and others.
The take-away from this latest breach: If you have used any of these services reportedly affected by this leak, be sure to change your passwords right away. In fact, the best practice is to change passwords frequently.
Here are more tips to help you keep your personal data safe.
- As an added layer of security, enable two factor authentication to access your accounts, whenever possible.
- Always create passwords that are at least 8-10 characters in length. Be sure to include upper and lowercase letters, numbers, and special characters like!|*@. Avoid using birth dates or the names of your children, spouse, or a favorite pet. This information can be easily obtained from social media or other online resources.
- Change your passwords frequently. Avoid simply changing a number or substituting a number for a letter
- Don’t use the same password for multiple accounts. If a hacker compromises one of your accounts he will have access to all of those with the same password.
For more detail on this data leak, check out Heads Up: You May Need To Change Your Passwords On Thousands Of Sites. To read the Cloudflare press release, go to Incident report on memory leak caused by Cloudflare parser bug