Change your passwords.

[MoFo]

DNS service Cloudflare has suffered a memory leak that has exposed user data for thousands (possibly millions) of websites.   This page has a list of the most notable (potentially) affected domains, and a zip with all possibly affected domains.  If you use any of the listed sites, it would be a very good idea to change your passwords for them.  If you use the same password on any other site, it would be a very good idea to change *those* too.  (it's a terrible idea to share passwords anyway)

 

Quote

Impact

Between 2016-09-22 - 2017-02-18 passwords, private messages, API keys, and other sensitive data were leaked by Cloudflare to random requesters. Data was cached by search engines, and may have been collected by random adversaries over the past few months.

Requests to sites with the HTML rewrite features enabled triggered a pointer math bug. Once the bug was trigerred the response would include data from ANY other cloudfare proxy customer that happened to be in memory at the time. Meaning a request for a page with one of those features could include data from Uber or one of the many other customers that didn't use those features. So the potential impact is every single one of the sites using CloudFare's proxy services (including HTTP & HTTPS proxy).

"The greatest period of impact was from February 13 and February 18 with around 1 in every 3,300,000 HTTP requests through Cloudflare potentially resulting in memory leakage (that’s about 0.00003% of requests), potential of 100k-200k paged with private data leaked every day" -- source

You can see some of the leaked data yourself in search engine caches: https://duckduckgo.com/?q=+%7B%22scheme%22%3A%22http%22%7D+CF-Host-Origin-IP&t=h_&ia=web

Confirmed affected domains found in the wild: http://doma.io/2017/02/24/list-of-affected-cloudbleed-domains.html

What should I do?

Check your password managers and change all your passwords, especially those on these affected sites. Rotate API keys & secrets, and confirm you have 2-FA set up for important accounts. This might sound like fear-mongering, but the scope of this leak is truly massive, and due to the fact that all cloudflare proxy customers were vulnerable to having data leaked, it's better to be safe than sorry.

Theoretically sites not in this list can also be affected (because an affected site could have made an API request to a non-affected one), you should probably change all your important passwords.

 

 

Change your passwords.

[Slartibartfast]

Ouch. Many of the sites are behind-the-scenes sites but there are some big ones. 4 chan, some android support sites and a couple of fitbit support sites. Quite a few torrent sites made the list, too.

[Ryan Hothersall]

Haven't heard of most of those sites. Hope ARC, Britmodeller etc aren't on the list. 

[MoFo]

From the full list of possibly affected domains, it looks like both ARC and Britmodeller may have exposure through Invision Power Services (the software that runs the boards), depending on how their traffic is handled.  It's not just the explicit domains that are the problem, but the background services that run them.

 

Network54 is also on the list, which would include the  Hyperscale Forums.  Eduard.com also seems to be on the list.  And it looks like a number of blogs may be included, via Wordpress and Blogspot.

 

You also appear to have exposure through your own website, via crazydomains.com.