Google Just Discovered A Massive Web Leak... And You Might Want To Change All Your Passwords

The CloudBleed bug could have leaked secrets from major web companies, like Uber and OKCupid, Google researchers claim. A Google researcher has uncovered what may be the most worrying web leak of 2017 so far, possibly exposing passwords, private messages and other sensitive data from a vast number of sites, including major services like Uber, FitBit and OKCupid. It's being dubbed CloudLeak by some, as the problem was caused by a vulnerability in code from a hugely popular web company, CloudFlare, and was not dissimilar to the infamous Heartbleed bug of 2015 (though possibly more severe in terms of the potential for data leakage). It's similar to Heartbleed in that CloudFlare, which hosts and serves content for a at least 2 million websites, was returning random chunks of memory from vulnerable servers when requests came in. Making the issue even more severe was the fact that search engines were caching that leaked information.