On February 23, 2017 web services and security firm Cloudflare announced a massive memory leak that affected numerous websites, possibly including popular ones that you may have used.
Google’s Project Zero team discovered the leak and reported it to Cloudfare on February 18, 2017. The leak, dubbed Cloudbleed, exposed passwords and private data. Software collaboration site Github has created a list of possibly affected websites:
See Github’s list of potentially affected sites →
What You Should Do
Details of the news are still coming in. Based on what we know so far, here’s what we recommend you do:
1. Change your passwords.
2. Share this alert with your friends.
If your friends’ passwords get compromised, it could result in phishing attacks using their address books, which means you could be targeted.
Contact PowerOne if you (or your friends) need help setting up a password management tool or dealing with the fallout of this security issue.