Skip to main content
  1. Home
  2. Computing
  3. News

Here’s a list of sites and services affected by Cloudbleed, and what to do next

By

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
Last week, we found out about Cloudbleed, a major leak of user data affecting sites and services that use infrastructure provided by Cloudflare. It’s still too early to determine the scale of the problem — but it’s an ideal time to respond if you’re looking to avoid the fallout.

Cloudbleed refers to a memory leak that caused user data from apps and websites that use Cloudflare’s services to be splashed across the internet, and is being compared to the Heartbleed bug that reared its head in 2014. Unfortunately, it’s thought that some of the data leaked as a result of Cloudbleed may have been cached by search engines, meaning that malicious entities could have intercepted it, according to a report from Gizmodo.

Recommended Videos

Cloudflare has such an enormous list of clients that it’s difficult to list every single site and service that could be affected — although an effort to do just that is in progress on GitHub. Here’s a list of some of more commonly used domains that could have had user data leaked (although there’s no confirmation that they’ve been compromised as of yet):

  • uber.com
  • yelp.com
  • medium.com
  • 4chan.com
  • bitcoin.de
  • fitbit.com
  • authy.com
  • tfl.gov.uk
  • okcupid.com
  • discordapp.com
  • feedly.com
  • thepiratebay.org
  • pastebin.com
  • change.org
  • puu.sh
Please enable Javascript to view this content

The above is by no means a definitive list, as millions of domains could potentially be at risk. However, it should demonstrate the variety of services that could be affected.

Related

To check whether any sites or apps you use are at risk, you can scour the full list on GitHub, or use the Does it use Cloudflare? web tool. However, most internet users are likely to hold an account on at least one affected site, so password refreshes are recommended for all.

Changing out every password you are currently using may seem extreme, but the stakes are high. If your user data has been leaked, and you use the same password for multiple sites, it might be possible for a stranger to gain access to all kinds of services on your behalf.

As such, it’s well worth doing a sweep now, and changing up your passwords to ensure that you’re kept safe. The inconvenience of spending a hour or two completing the task is a small price to pay for peace of mind.

This might also be a good time to improve your online security across the board. If you’re not already using a password manager and two-factor authentication to keep your accounts safe, there’s no better time to implement these services.

Above all else, vigilance is key. This is an evolving situation, since the problem was only made public a matter of days ago, and there are so many domains that could be affected. Keep a close eye on important accounts, and if you notice anything suspicious, make sure to follow up.

Editors’ Recommendations

Topics
Brad Jones
Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
What is RAM? Here’s everything you need to know

Random-access memory, or RAM, is an essential component in everything from desktop computers to smartphones. RAM is a high-speed, short-term storage solution that gives applications, games, and the operating system itself, quick access to important information. That saves it the time of retrieving the data from much slower storage, like hard drives. Even the best SSDs are slower than RAM.

Like other components in your devices, though, there are many different types of RAM. RAM speed can be affected by its type, the model, or its generation, and its price can vary wildly depending on the capacity you're buying (assuming you've checked how much RAM you need), and what device it's going into.

Read more
What is an SSD? Here’s everything you need to know
A man holds a Corsair MP600 PRO LPX PS5 SSD next to an open PS5.

You may have seen the acronym SSD and wondered what it really is. First off, the acronym stands for solid state drives, and they've become the premier storage medium for most modern desktop PCs, laptops, games consoles, tablets, and portable gaming systems.

The best SSDs offer much greater bandwidth than traditional hard drives, with lower latency, reduced power draw, and much greater durability against physical damage. They are smaller, lighter, and more affordable today than ever before.

Read more
I grilled Intel about its massive stability problem — here’s what it told me
intel instability unanswered questions dt respec

Intel is in trouble. We've known there was a problem for months, but the true scope of the issue is coming into focus. Intel has finally said a microcode update that will solve the instability problem is on the way, but it won't be here for several weeks. It's not much of a resolution, either -- I still have a lot of questions about Intel's instability problem, and how it plans to address the issue going forward.

I've sent the list of questions below to Intel for a response, and in cases where Intel has responded, I'll provide the exact quote. We've definitely seen some shifty communication from Intel regarding the instability issue up to this point, so I'll fill in the gaps if there's anywhere Intel wasn't able to provide a solid answer.
How will this impact performance?

Read more