? Security Alert ?
Security Alert!
Over the last week there has been a leak of data from Cloudflare, which is a CDN (content delivery network) in front of major sites on the internet, including Subeta. More importantly, it includes much larger sites like some listed here.
It's unclear exactly how much data was leaked in this method, or where it is still visible, and we will be monitoring the situation as more information comes out.
What can you do?
We advise changing your passwords on affected sites, and enabling two factor authentication where possible.
What is Subeta doing?
We will be rotating our private HTTPS keys.
Subeta does not store your password in plain text, so no one has the ability to access that even if Subeta data was leaked - but we will be changing our secret hashes for passwords, so any that were leaked cannot be used.
Posted by Keith
Speiro
Flightrising uses cloudflare too, just fyi. I know a lot of people play that too, so spread the word. I don't see any official announcement about this leak over there, which is troubling.
1
RunningWild
Thank you so much for this heads up!
I'm so glad that the staff are onboard with this and discussing issues compared to most websites.
I'm so glad that the staff are onboard with this and discussing issues compared to most websites.
1
Vaixation
Upwork and Elance are affected? Holy crap, that's concerning since people do business on there / exchange money. Thank you for the heads up!
0
usagi
Thank you subeta for always taking security breaches seriously and being so transparent and informative about them. ♥️
0
Chey
If it wasn't for your warning, I never would have understood why I got locked out of my fb account earlier. Many of my friends and I have been visiting and using some of the sites listed. Me and a few of them were forced to change our fb pws, which I'm totally ok with, but I didn't understand WHY until now. Thank you guys so much for keeping us aware! :)
0
Selaphi
Thank you for not keeping our passwords in plaintext. XD
If only other sites were as professional.
If only other sites were as professional.
3
Hunger
Thanks for the alert!
I probably wouldn't have known if not for subeta, I love you guys<3
I didn't see many sites on the list that I know, but ill change my passwords anyway
I probably wouldn't have known if not for subeta, I love you guys<3
I didn't see many sites on the list that I know, but ill change my passwords anyway
0
Whimsical
I use about two of these other than subeta, and I cant even remember the passwords for them, so I needed to change them anyway. Thanks for the alert!
0
Morticia
Thanks for the allert.
And even more.. thank you for your great work on keeping your userdata safe.
And even more.. thank you for your great work on keeping your userdata safe.
0
Yuzu
Shit. I use some of these websites but I don't have accounts on most of them. Hopefully I have nothing to worry about, but I should probably change a few just in case....
0
Zii
Oh jesus.
That's literally a list of every site I've ever used. OUCH
I have a lot of work to do now....
That's literally a list of every site I've ever used. OUCH
I have a lot of work to do now....
2
Serecino
Yipes, thanks for the heads up. I hadn't even heard mention of this outside from you guys, and I'm glad you informed us. D:
3
FCoD
Thanks staff, I've begun the arduous task of changing a bunch of stuff. I also now have a headache. *sigh*
3
diehard67
I for one am impressed that subeta uses proper hashing for passwords rather then using reversable encryption.
and that they are strait up with users and don't sit on this stuff.
thenx 4 the heads up
and that they are strait up with users and don't sit on this stuff.
thenx 4 the heads up
28
Darkrai
Thank you for mentioning this!
I have no idea what I have that could be affected but I'll change everything I can think of anyway
I have no idea what I have that could be affected but I'll change everything I can think of anyway
1
shylarah
Be aware that Discord is affected, and if you've connected Discord to other sites or applications those may be compromised as well. I've had a couple friends whose skype has been messed with because it was linked to their Discord. Granted, it was believed a Discord plugin was to blame, and I don't know the intricacies of this, but might be a good idea to unlink any other accounts and change passwords for all of them.
8
arixen
I just heard about this and was about to change my password. Thanks, as always, for being on top of the important things and looking out for Subeta's users.
2
elephants
Thats... huge. Much bigger than Subeta. Many of the biggest sites are using Cloudflare. Period. At least according to that Github link, it looks like over 1000 of the top 10000 websites (by Alexa rating) on the entire internet. Good luck guys, and try to stay safe.
0
crashingnightingales
Thanks for the alert! Fortunately, I'm not really active on any of those sites listed!
1
Bug
Omg thank you subeta. I would not have found out about this until tomorrow, if it were not for this news post. I have stuff on a couple of the other websites affected so this was super good to know. So yay, thank you Subeta for telling me about this lol...
6
TheCryptKeeper
Thank you for the alert Keith.
Sorry that this happened, it means a rush of work for you and the staff.
Sorry that this happened, it means a rush of work for you and the staff.
4