Skip to main content
  1. Home
  2. Computing
  3. News

Here’s a list of sites and services affected by Cloudbleed, and what to do next

By

Last week, we found out about Cloudbleed, a major leak of user data affecting sites and services that use infrastructure provided by Cloudflare. It’s still too early to determine the scale of the problem — but it’s an ideal time to respond if you’re looking to avoid the fallout.

Cloudbleed refers to a memory leak that caused user data from apps and websites that use Cloudflare’s services to be splashed across the internet, and is being compared to the Heartbleed bug that reared its head in 2014. Unfortunately, it’s thought that some of the data leaked as a result of Cloudbleed may have been cached by search engines, meaning that malicious entities could have intercepted it, according to a report from Gizmodo.

Recommended Videos

Cloudflare has such an enormous list of clients that it’s difficult to list every single site and service that could be affected — although an effort to do just that is in progress on GitHub. Here’s a list of some of more commonly used domains that could have had user data leaked (although there’s no confirmation that they’ve been compromised as of yet):

  • uber.com
  • yelp.com
  • medium.com
  • 4chan.com
  • bitcoin.de
  • fitbit.com
  • authy.com
  • tfl.gov.uk
  • okcupid.com
  • discordapp.com
  • feedly.com
  • thepiratebay.org
  • pastebin.com
  • change.org
  • puu.sh

The above is by no means a definitive list, as millions of domains could potentially be at risk. However, it should demonstrate the variety of services that could be affected.

Related: 
Best new movies to stream on Netflix, Hulu, Prime Video, HBO Max, and more

To check whether any sites or apps you use are at risk, you can scour the full list on GitHub, or use the Does it use Cloudflare? web tool. However, most internet users are likely to hold an account on at least one affected site, so password refreshes are recommended for all.

Changing out every password you are currently using may seem extreme, but the stakes are high. If your user data has been leaked, and you use the same password for multiple sites, it might be possible for a stranger to gain access to all kinds of services on your behalf.

As such, it’s well worth doing a sweep now, and changing up your passwords to ensure that you’re kept safe. The inconvenience of spending a hour or two completing the task is a small price to pay for peace of mind.

This might also be a good time to improve your online security across the board. If you’re not already using a password manager and two-factor authentication to keep your accounts safe, there’s no better time to implement these services.

Above all else, vigilance is key. This is an evolving situation, since the problem was only made public a matter of days ago, and there are so many domains that could be affected. Keep a close eye on important accounts, and if you notice anything suspicious, make sure to follow up.

Brad Jones
Brad Jones
Former Contributor
Brad is an English-born writer currently splitting his time between Edinburgh and Pennsylvania. You can find him on Twitter…
Topics

Editors’ Recommendations

What does a VPN do? Here’s what they are and how Surfshark can help
Surfshark and Windscribe prices appear in a split-screen on a PC monitor.

Between statewide site bans, some streaming services not playing all content in all areas, and the increasing worry that the US may block outside content, you may have an increasing interest in getting one of the best VPNs. Here, we're going to look at these problems and what a VPN does to help. We'll also consider how every VPN service offers different extras, creating a unique package.

It can be intense to go through each and every feature, so we'll be looking at Surfshark as a case study. One advantage of this is that Surfshark has a free trial, which is fairly unusual in the world of paid VPN services. Go ahead and tap the button below to try Surfshark on your own (again, it has a free trial) and see if it solves your problems, or keep reading to learn what a VPN does and how complimentary features (such as the ones from Surfshark) really pull the whole service together into something you can get a whole lot of mileage out of.

Read more
Samsung’s XR headset and smart glasses: here’s what we know after Galaxy Unpacked 2025
The Project Moohan headset.

At Galaxy Unpacked 2025, Samsung teased its upcoming XR headset, Project Moohan. This Vision Pro competitor is expected to launch later this year at a significantly lower cost than Apple's spatial computer. Samsung's mention was quite brief but we do have plenty of information about this exciting new device that's expected to arrive later this year.

Samsung isn't new to XR and with the backing of two other tech giants, Project Moohan could become a serious threat to Apple's Vision Pro and VR market leader Meta and its Quest 3 headset.
Samsung's XR history
While it might seem like Samsung is rushing to build a headset to answer Apple's Vision Pro, Samsung has a long history of VR development, starting with the GearVR system in 2015. Fast forward eight years to the Galaxy Unpacked 2023 event to see the first mention of work on Samsung's XR headset in partnership with Google and Qualcomm.

Read more
Everything you need to know about AI agents and what they can do
a hollow man under light

The agentic era of artificial intelligence has arrived. AI agents are capable of operating independently and without continuous, direct oversight, while collaborating with users to automate monotonous tasks. Based on the same large language models that drive popular chatbots like ChatGPT and Google Gemini, agentic AIs differ in that they use LLMs to take action on a user's behalf rather than generate content.

In this guide, you'll find everything you need to know about how AI agents are designed, what they can do, what they're capable of, and whether they can be trusted to act on your behalf.
What is an agentic AI?
Billed as "the next big thing in AI research," agentic AI is a type of generative AI model that can act autonomously, make decisions, and take actions towards complex goals without direct human intervention. These systems are able to interpret changing conditions in real-time and react accordingly, rather than rotely following predefined rules or instructions.

Read more