This notice is from the archives of The Notice Board. Information contained in this notice was accurate at the time of publication but may no longer be so.
On Feb 24, 2017 various news outlets reported a vulnerability that was discovered in the internet cloud service called “CloudFlare”. Cloudfare provides authentication services for applications and web services throughout the world on both computers and moible devices, and is intended to simplify the complex environment of navigating all the different accounts you establish on the internet. This vulnerability had the potential to expose sensitive user information include usernames, passwords, chat messages, and other types of data that were intended to remain private. Accounts linked to major services such as Uber, 1Password, and Ciniplex Online could have potentially been affected. Cloudflare services thousands of companies, and the list above was not intended to be exhaustive.
The good news, is that the issue was reported by a responsible researcher working for Google, and once the report was received, Cloudflare had patched its entire infrastructure in less than 7 hours. The various companies which use Cloudflare may have reached out to you recommending a password change for your account in response to this incident. The odds of your data having been leaked are low, but regular password changes are never a bad idea. For recommendations on how to select a good password feel free to visit the Information Security Office’s website here (https://www.uleth.ca/information-technology/security/password-best-pract...).
If you have questions about this incident or how it may have affected you please feel free to reach out to the Information Security Office by emailing security@uleth.ca
Contact:
Kevin Vadnais | kevin.vadnais@uleth.ca | (403) 332-4056 | uleth.ca/information-technology/security