'CloudBleed' leak compromises passwords for services including Uber, FitBit, and OKCupid

(Image credit: Lionel Bonventure/Getty Images)

A security breech dubbed "CloudBleed" because of its link to cybersecurity company Cloudflare compromised some 3,400 websites, including popular services like Uber, FitBit, and OKCupid. News of the bug broke Thursday and Friday after it was discovered by a Google researcher named Tavis Ormandy, and users are encouraged to change their passwords on affected sites even though the problem has now been fixed.

Ormandy's report indicated he was able to find "private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings," though Cloudflare says it has "not discovered any evidence of malicious exploits of the bug or other reports of its existence."

Article continues below

The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

https://cdn.mos.cms.futurecdn.net/flexiimages/jacafc5zvs1692883516.jpg

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Explore More

Bonnie Kristian was a deputy editor and acting editor-in-chief of TheWeek.com. She is a columnist at Christianity Today and author of Untrustworthy: The Knowledge Crisis Breaking Our Brains, Polluting Our Politics, and Corrupting Christian Community (forthcoming 2022) and A Flexible Faith: Rethinking What It Means to Follow Jesus Today (2018). Her writing has also appeared at Time Magazine, CNN, USA Today, Newsweek, the Los Angeles Times, and The American Conservative, among other outlets.