Possible site security breach related to Cloudflare

Amin

Hall of Famer
Our site was one of many thousands of sites using Cloudflare, which recently disclosed a serious security breach that Cloudflare is suggesting affected a very small percentage of their sites.

More information here:

Incident report on memory leak caused by Cloudflare parser bug
Everything You Need to Know About Cloudbleed, the Latest Internet Security Disaster

I do not have any specific information to suggest that our site was directly involved. Cloudflare has said that they will notify owners of affected domains, and I have not received a notification. but as a precaution, it would be a good idea for all members to take the following steps:
  • Change your password on this site as well as any other site which uses the same password.
  • Avoid using the same password across multiple sites, especially ones which require the highest security (email, banking, etc).
  • Use two-factor authentication on the sites which require high security. We offer two-factor authentication as an option on this site.
In order to further enhance security for our members, we will no longer require date of birth entry at registration, and I've purged all date of birth info from our database. Members can still choose to enter this information in their profile, but I'd advise against it.
 
My email account gets about 10-20 phishing emails per day that slip through the filters, it sucks but its just the orice you pay to be online these days...

Hopefully one day in the near future, they'll all catch syphilis and die...
 
Ditto. I used to be inundated with the things when I was on Pipex (TalkTalk). Now hardly anything, and whatever does come through is caught by the spam filter.
 
Back
Top