/plushcap/analysis/cloudflare/quantifying-the-impact-of-cloudbleed

Quantifying the Impact of "Cloudbleed"

What's this blog post about?

Cloudflare, a web infrastructure company, experienced a serious bug in its parser that caused data flowing through its network to be leaked onto the internet. The bug, dubbed "Cloudbleed," was patched within hours of being discovered but had potential for massive impact due to the scale of Cloudflare's operations. An analysis of log data revealed no evidence of malicious exploitation before patching and that most customers experienced no data leaks. Passwords, credit card numbers, or health records were not found in any instances of leaked data from search engine caches. The company is working to expunge all leaked data from third-party caches and has undertaken a full review of its code for potential vulnerabilities.

Company
Cloudflare

Date published
March 1, 2017

Author(s)
Matthew Prince

Word count
3893

Language
English

Hacker News points
287


By Matt Makai. 2021-2024.