Possible site security breach related to Cloudflare

Discussion in 'Site Information' started by Amin Sabet, Feb 24, 2017.

  1. Amin Sabet

    Amin Sabet Administrator

    Jul 3, 2010
    Our site was one of many thousands of sites using Cloudflare, which recently disclosed a serious security breach that Cloudflare is suggesting affected a very small percentage of their sites.

    More information here:

    Incident report on memory leak caused by Cloudflare parser bug
    http://gizmodo.com/everything-you-need-to-know-about-cloudbleed-the-lates-1792710616

    I do not have any specific information to suggest that our site was directly involved. Cloudflare has said that they will notify owners of affected domains, and I have not received a notification. but as a precaution, it would be a good idea for all members to take the following steps:
    • Change your password on this site as well as any other site which uses the same password.
    • Avoid using the same password across multiple sites, especially ones which require the highest security (email, banking, etc).
    • Use two-factor authentication on the sites which require high security. We offer two-factor authentication as an option on this site.
    In order to further enhance security for our members, we will no longer require date of birth entry at registration, and I've purged all date of birth info from our database. Members can still choose to enter this information in their profile, but I'd advise against it.
     
    • Appreciate Appreciate x 3
    • Informative Informative x 2
  2. kyteflyer

    kyteflyer ~@¿@~

    Jan 31, 2011
    Newcastle, Australia
    Sue
    Its almost getting to the point where just being online is too much trouble...
     
    • Agree Agree x 3
  3. NoSeconds

    NoSeconds SC Veteran

    454
    Jan 1, 2017
    Troy
    My email account gets about 10-20 phishing emails per day that slip through the filters, it sucks but its just the orice you pay to be online these days...

    Hopefully one day in the near future, they'll all catch syphilis and die...
     
    • Like Like x 1
  4. Amin Sabet

    Amin Sabet Administrator

    Jul 3, 2010
    Maybe change to Gmail? I hardly ever get even one of those.
     
    • Agree Agree x 3
    • Appreciate Appreciate x 1
  5. Lightmancer

    Lightmancer Super Moderator Subscribing Member

    Aug 13, 2011
    Sunny Frimley
    Bill Palmer
    Ditto. I used to be inundated with the things when I was on Pipex (TalkTalk). Now hardly anything, and whatever does come through is caught by the spam filter.
     
  6. kyteflyer

    kyteflyer ~@¿@~

    Jan 31, 2011
    Newcastle, Australia
    Sue
    I get nearly no spam via icloud. Don't use gmail much anymore.