'CloudBleed' leak compromises passwords for services including Uber, FitBit, and OKCupid


A security breech dubbed "CloudBleed" because of its link to cybersecurity company Cloudflare compromised some 3,400 websites, including popular services like Uber, FitBit, and OKCupid. News of the bug broke Thursday and Friday after it was discovered by a Google researcher named Tavis Ormandy, and users are encouraged to change their passwords on affected sites even though the problem has now been fixed.
Ormandy's report indicated he was able to find "private messages from major dating sites, full messages from a well-known chat service, online password manager data, frames from adult video sites, hotel bookings," though Cloudflare says it has "not discovered any evidence of malicious exploits of the bug or other reports of its existence."
For now, most potentially affected "users are probably fine," explained Adam Clark Estes at Gizmodo Saturday. "Then again," he adds, "Cloudbleed illustrates a larger problem with internet security. If one major player gets pwned, the consequences can be catastrophic."
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Sign up for Today's Best Articles in your inbox
A free daily email with the biggest news stories of the day – and the best features from TheWeek.com
Bonnie Kristian was a deputy editor and acting editor-in-chief of TheWeek.com. She is a columnist at Christianity Today and author of Untrustworthy: The Knowledge Crisis Breaking Our Brains, Polluting Our Politics, and Corrupting Christian Community (forthcoming 2022) and A Flexible Faith: Rethinking What It Means to Follow Jesus Today (2018). Her writing has also appeared at Time Magazine, CNN, USA Today, Newsweek, the Los Angeles Times, and The American Conservative, among other outlets.
-
George Floyd: Did Black Lives Matter fail?
Feature The momentum for change fades as the Black Lives Matter Plaza is scrubbed clean
-
National debt: Why Congress no longer cares
Feature Rising interest rates, tariffs and Trump's 'big, beautiful' bill could sent the national debt soaring
-
Why are military experts so interested in Ukraine's drone attack?
TODAY'S BIG QUESTION The Zelenskyy government's massive surprise assault on Russian airfields was a decisive tactical victory — could it also be the start of a new era in autonomous warfare?
-
Crypto firm Coinbase hacked, faces SEC scrutiny
Speed Read The Securities and Exchange Commission has also been investigating whether Coinbase misstated its user numbers in past disclosures
-
Starbucks baristas strike over dress code
speed read The new uniform 'puts the burden on baristas' to buy new clothes, said a Starbucks Workers United union delegate
-
Warren Buffet announces surprise retirement
speed read At the annual meeting of Berkshire Hathaway, the billionaire investor named Vice Chairman Greg Abel his replacement
-
Trump calls Amazon's Bezos over tariff display
Speed Read The president was not happy with reports that Amazon would list the added cost from tariffs alongside product prices
-
Markets notch worst quarter in years as new tariffs loom
Speed Read The S&P 500 is on track for its worst month since 2022 as investors brace for Trump's tariffs
-
Tesla Cybertrucks recalled over dislodging panels
Speed Read Almost every Cybertruck in the US has been recalled over a stainless steel panel that could fall off
-
Crafting emporium Joann is going out of business
Speed Read The 82-year-old fabric and crafts store will be closing all 800 of its stores
-
Trump's China tariffs start after Canada, Mexico pauses
Speed Read The president paused his tariffs on America's closest neighbors after speaking to their leaders, but his import tax on Chinese goods has taken effect