247 Detectives

Please Call NOW 0845 520 4121 / 07017 411 007

Please Call NOW 0845 520 4121 / 07017 411 007

Content Area 1

1st Call Detectives Blog

Get the latest information & news from the industry...

Archive +

Tags

Archive by Date

Cloudflare error causes massive data spill

The content network Cloudflare, which offers security against DDoS attacks as one if its servers, has leaked potentially large volumes of data following a single character error in its coding. As soon as the error was realised, the company worked to remedy the situation, but it is currently unknown exactly how much information was leaked. The software is used by major companies including search engines, as well as software apps and devices that collect personal information. The leak has exposed the potential security flaws involved when using a cloud based system, and companies are encouraged to ensure that all their data is backed up, and that they use reliable and reputable firms for any cloud or IOT services. 

Project Zero is Google’s specialist security department; a team that looks for flaws, identifies them, and attempts to remedy them. Tavis Ormandy of Project Zero identified this particular threat, and said that the flaw has been present for several months. Although Cloudflare is seemingly reluctant to share details of exactly which companies were at risk, and what data was leaked, Ormandy and a number of other individuals and security specialists have started to investigate and piece together the data loss.

Ormandy has so far found data from Uber, 1Password, FitBit, and OKCupid. Nick Sweeting, the CTO of Blitzka Software, has compiled a list of 4.3 million companies and groups that use the software company and aims to narrow this list down to those that would have been at risk from the leak. 

1Password users were especially concerned. The service acts as a security doorway. Users can enter a single password for the service, and it then logs on to additional services. This type of service is especially handy for those that use multiple passwords on different sites, but if somebody were to gain access to that single password, it means that they could potentially have access to logon details for bank accounts and more. Thankfully, 1Password has said that the data that they collect and store is encrypted in two other ways, so that even if data was leaked, user accounts were not at risk.

Jeffrey Goldberg, of the password service, said that the system has been designed for the very real possibility that SSL encryption can fail. Additional security layers help to protect against this very kind of threat.

Cloudflare’s CTO, John Graham-Cunning has said that the bug was introduced into an HTML parser, which modifies pages that come through the service’s server. Although the company are remaining tight lipped over exactly what information was lost, Graham-Cunning has said that it appears that nobody other than Google’s security analyst noticed the leak, or took advantage of it.

The problem was first spotted by Ormandy on February 17 when he noticed unusual data while studying public data sets. He said that it wasn’t unusual to come across junk data, so his team ran tests on what they had found. It was determined that they had cookies, passwords, and POST data. His team stopped immediately and contacted Cloudflare. Initially, Ormandy contacted the company via Twitter, knowing that seconds really could matter when trying to resolve this kind of problem and preventing the data from becoming used and the breach exploited.

Four days later, Cloudflare were attempting to scrub the data that had been leaked to search engines, but Ormandy was still finding fresh data being streamed. Cloudflare has said that this was caused by data being cached, and that they are now confident that no additional cached data is being allowed to spill.

Cloudflare released a public blog post once the incident was cleaned up and rectified. Although they were seen as being open about the problem, the causes, and how it had been fixed, Ormandy has criticised the company, saying that the message very clearly down plays the significant security risk that was posed following the leak.

Data reveals that customers were mostly impacted between 13th and 18th October, and that one in 3.3 million HTTP requests potentially could have led to a data leak. 

 

Cloudflare is described as a content network. It improves the performance of websites, and increases redundancy, which can reduce errors and improve web results. They do also offer protection against so-called Distributed Denial of Service, or DDoS, attacks. It seems likely that the company downplayed the severity of the issue, because a security breach, especially one caused by a single incorrect character in their coding, is an embarrassment for an organisation that offers cyber security as one of its services.

Modern cyber security requires layer upon layer of protection. Fortunately, 1Password offers these multiple layers of encryption, so if you do use the service, it means that it is highly unlikely that any data was leaked or spilled onto the web. Until Cloudflare, or a security analyst, releases precise details of the information that was leaked, however, companies cannot be certain.

Leave a comment
Areas & Postcodes We Cover
  • NW7, NW9, NW4, NW11, NW2, NW10, NW6, NW3, NW8, NW5, NW1, N20, N12, N3, N2, N10, N6, N8, N19, N7, N1, N5, N4, N16, N15, N17, N18, N11, N14, N21, N9, N13, N22 
  • E4, E17, E18, E5, E10, E11, E8, E9, E2, E1, E14, E3, E16, E6, E13, E15, E7, E12, SW6, SW10, SW5, SW7, SW3, SW1, SW14, SW13, SW15, SW20, SW19, SW18, SW17, SW16, SW12, SW2, SW9, SW8, SW11, SW4
  • EC4, EC1, EC2, EC3, SE1, SE11, SE17, SE16, SE5, SE15, SE14, SE8, SE24, SE22, SE4, SE21, SE23, SE26, SE20, SE25, SE19, SE6, SE12, SE9, SE18, SE2, SE28, SE7, SE10, SE3, SE13 
  • W1P W1M W1N W1R W1S W1T W1U W1V W1W W1X W1Y W1K W1J W1H W1A W1B W1C W1D W1F W1G W2 W3 W4 W5 W6 W7 W8 W9 W10 W11 W12 W13 W14
     
  • © All rights reserved 2014 '1st Call Detectives'
  • /
  • Website designed & devloped by evokeu