Skip to main content

Here’s a list of sites and services affected by Cloudbleed, and what to do next

A hand on a laptop in a dark surrounding.
Image used with permission by copyright holder
Last week, we found out about Cloudbleed, a major leak of user data affecting sites and services that use infrastructure provided by Cloudflare. It’s still too early to determine the scale of the problem — but it’s an ideal time to respond if you’re looking to avoid the fallout.

Cloudbleed refers to a memory leak that caused user data from apps and websites that use Cloudflare’s services to be splashed across the internet, and is being compared to the Heartbleed bug that reared its head in 2014. Unfortunately, it’s thought that some of the data leaked as a result of Cloudbleed may have been cached by search engines, meaning that malicious entities could have intercepted it, according to a report from Gizmodo.

Recommended Videos

Cloudflare has such an enormous list of clients that it’s difficult to list every single site and service that could be affected — although an effort to do just that is in progress on GitHub. Here’s a list of some of more commonly used domains that could have had user data leaked (although there’s no confirmation that they’ve been compromised as of yet):

  • uber.com
  • yelp.com
  • medium.com
  • 4chan.com
  • bitcoin.de
  • fitbit.com
  • authy.com
  • tfl.gov.uk
  • okcupid.com
  • discordapp.com
  • feedly.com
  • thepiratebay.org
  • pastebin.com
  • change.org
  • puu.sh
Please enable Javascript to view this content

The above is by no means a definitive list, as millions of domains could potentially be at risk. However, it should demonstrate the variety of services that could be affected.

To check whether any sites or apps you use are at risk, you can scour the full list on GitHub, or use the Does it use Cloudflare? web tool. However, most internet users are likely to hold an account on at least one affected site, so password refreshes are recommended for all.

Changing out every password you are currently using may seem extreme, but the stakes are high. If your user data has been leaked, and you use the same password for multiple sites, it might be possible for a stranger to gain access to all kinds of services on your behalf.

As such, it’s well worth doing a sweep now, and changing up your passwords to ensure that you’re kept safe. The inconvenience of spending a hour or two completing the task is a small price to pay for peace of mind.

This might also be a good time to improve your online security across the board. If you’re not already using a password manager and two-factor authentication to keep your accounts safe, there’s no better time to implement these services.

Above all else, vigilance is key. This is an evolving situation, since the problem was only made public a matter of days ago, and there are so many domains that could be affected. Keep a close eye on important accounts, and if you notice anything suspicious, make sure to follow up.

Brad Jones
Former Digital Trends Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
I grilled Intel about its massive stability problem — here’s what it told me
intel instability unanswered questions dt respec

Intel is in trouble. We've known there was a problem for months, but the true scope of the issue is coming into focus. Intel has finally said a microcode update that will solve the instability problem is on the way, but it won't be here for several weeks. It's not much of a resolution, either -- I still have a lot of questions about Intel's instability problem, and how it plans to address the issue going forward.

I've sent the list of questions below to Intel for a response, and in cases where Intel has responded, I'll provide the exact quote. We've definitely seen some shifty communication from Intel regarding the instability issue up to this point, so I'll fill in the gaps if there's anywhere Intel wasn't able to provide a solid answer.
How will this impact performance?

Read more
Don’t buy the Ryzen 7 7800X3D right now. Here’s what to get instead
A hand holding AMD's Ryzen 9 7950X3D processor.

Amazon Prime Day 2024 deals are out in full swing, so if you're in the market for a gaming CPU, you might gravitate toward the Ryzen 7 7800X3D. While it's true that it's discounted right now, it's not the only CPU to get a deep price cut for Prime Day -- and you could get a potentially better CPU for less. Similarly, these deals are making one thing clear -- there's no need to wait for Zen 5.

AMD's 3D V-Cache CPUs are known for their gaming prowess, and while they've received multiple price cuts since launch, you'd be hard-pressed to find them cheaper than this. Let's take a closer look at the deals:

Read more
Tandem OLED laptops are here, but they’re not what you think
Dell XPS 13 2024 front angled view showing display and keyboard.

Tandem OLED made quite a splash on the new M4 iPad Pro when it was announced. After all, it seemed to solve one of the major issues with OLED screens. Having used the display myself, I can say it's certainly impressive.

That's why I was excited to see that Windows laptops were quickly adopting the technology as well, with the first one announced being the new XPS 13 Copilot+ laptop.

Read more