Information Security Advisory- Possible Password Exposure from Cloudflare Memory Leak

 

Cloudflare, one of the largest internet security companies, has announced that sensitive information and user data may have been exposed due to a massive memory leak. It is good security practice to change your passwords on a regular basis. To minimize any potential impact from this recent memory leak, we recommend changing the passwords to your UR NetId and Active Directory credentials and alternating other passwords between various sites.

 

What Should I Do to Protect Myself? Change Your Password!

To change your password for both your UR NetId and Active Directory credentials as soon as possible.

Change your password for the services that have been affected: yelp.com, fitbit.com, uber.com. (A partial list of affected sites may be found at https://github.com/pirate/sites-using-cloudflare )

 

Further Reading

 

Quick Security Tip: Visit the University of Rochester Information Security Password page at https://tech.rochester.edu/security/passwords/ to learn how to create secure passwords.

 

If you have any questions concerning this vulnerability, contact your IT support staff at:

University IT Help Desk

Phone: (585) 275-2000

Email: UnivITHelp@ rochester.edu

 

Medical Center Help Desk

Phone: (585) 275-3200

Email: helpdesk_ISD@ urmc.rochester.edu