Your browser does not support JavaScript!

Cloudbleed-Use Multi Factor Authentication asap

Some hours ago, a security vulnerability became public regarding services of Cloudfare. Read this article “Cloudbleed” and strengthen your IT-security!

“Cloudfare Inc. is a U.S. company that provides a content delivery network, Internet security services and distributed domain name server services, sitting between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.” see Wikipedia. A lot of Internet companies are using Cloudfare for the distribution of their content.

Please read this article at Cloudbleed: How to deal with it. The article’s beginning informs about the issue:

“Tavis Ormandy (Tavis Ormandy) of Google’s Project Zero uncovered a major vulnerability in the Cloudflare Internet infrastructure service. Essentially, web requests to Cloudflare-backed sites received answers which included random information from other Cloudflare-backed sites! This information could potentially include confidential information (private messages on dating sites, emails), user identity information (Personally Identifying Information (PII), and potentially in a healthcare context, Protected Health Information (PHI), or user, application, or device credentials (passwords, API keys, authentication tokens, etc.)”


To see which sites are affected, see

This includes services as Zendesk, Uber,,,, and about 10,000 more sites. I didn’t see sites as Microsoft, Apple, Amazon or Google included in that list, but a lot of other popular services.

So, our recommendation is: Use Multi Factor Authentication (MFA) for your relevant and admin accounts immediately!

Thanks Christoph Wille for that tip!