? Security Alert ?

Security Alert!

Over the last week there has been a leak of data from Cloudflare, which is a CDN (content delivery network) in front of major sites on the internet, including Subeta. More importantly, it includes much larger sites like some listed here.

It's unclear exactly how much data was leaked in this method, or where it is still visible, and we will be monitoring the situation as more information comes out.

What can you do?

We advise changing your passwords on affected sites, and enabling two factor authentication where possible.

What is Subeta doing?

We will be rotating our private HTTPS keys.

Subeta does not store your password in plain text, so no one has the ability to access that even if Subeta data was leaked - but we will be changing our secret hashes for passwords, so any that were leaked cannot be used.

Posted by Keith

02/24/17 12:02 am Leave Comment

Load this on 🆕 Kumos site

Speiro 02/24/17 9:33 pm

Flightrising uses cloudflare too, just fyi. I know a lot of people play that too, so spread the word. I don't see any official announcement about this leak over there, which is troubling.

RunningWild 02/24/17 4:36 pm

Thank you so much for this heads up!
I'm so glad that the staff are onboard with this and discussing issues compared to most websites.

qwh 02/24/17 4:04 pm

I changed my password i hope no accounts on this website were affected

Bliss 02/24/17 3:23 pm

@~~seephira~~
I would rather change it as a precaution. I also heard that you should be changing your passwords every week.

~~seephira~~ 02/24/17 3:07 pm

so why change the passwords if there is no way that someone can get them?

Vaixation 02/24/17 2:58 pm

Upwork and Elance are affected? Holy crap, that's concerning since people do business on there / exchange money. Thank you for the heads up!

theraphos 02/24/17 2:26 pm

Thank you, subeta!

usagi 02/24/17 2:08 pm

Thank you subeta for always taking security breaches seriously and being so transparent and informative about them. ♥️

Chey 02/24/17 2:06 pm

If it wasn't for your warning, I never would have understood why I got locked out of my fb account earlier. Many of my friends and I have been visiting and using some of the sites listed. Me and a few of them were forced to change our fb pws, which I'm totally ok with, but I didn't understand WHY until now. Thank you guys so much for keeping us aware! :)

Ramby 02/24/17 1:44 pm

Thanks for the alert

Kaz 02/24/17 1:00 pm

Thanks for the heads-up!

LikeTwoPancakes 02/24/17 12:29 pm

Thank you for keeping us aware!

Selaphi 02/24/17 11:25 am

Thank you for not keeping our passwords in plaintext. XD
If only other sites were as professional.

Hunger 02/24/17 11:24 am

Thanks for the alert!
I probably wouldn't have known if not for subeta, I love you guys<3
I didn't see many sites on the list that I know, but ill change my passwords anyway

Ipsi 02/24/17 10:46 am

that dog needs a revamp

Library-Whale 02/24/17 10:00 am

Thanks for the heads-up!

LisaJean1003 02/24/17 9:54 am

Thank you letting us know.

Arte 02/24/17 9:43 am

thanks for the alert

Jack 02/24/17 9:31 am

Thanks for the alert!

Yuzuru 02/24/17 9:22 am

Thank you so much for the alert!

Whimsical 02/24/17 9:21 am

I use about two of these other than subeta, and I cant even remember the passwords for them, so I needed to change them anyway. Thanks for the alert!

Pirate 02/24/17 7:57 am

@PiplupMagby34 According to the news post, yes

Kuroshi 02/24/17 7:32 am

Thanks for the alert!

PiplupMagby34 02/24/17 7:16 am

Thanks for the alert! Should I change my password?

Morticia 02/24/17 7:06 am

Thanks for the allert.

And even more.. thank you for your great work on keeping your userdata safe.

just2b 02/24/17 5:55 am

Thanks for the alert!

MOKONA 02/24/17 5:54 am

Thank you for the alert! :)

:O I'm surprised by a number of sites on the list.

Ravel 02/24/17 4:22 am

Thank you for the alert!

Demeter 02/24/17 4:18 am

Thanks for the alert! Good to know.

Julie 02/24/17 2:13 am

Thanks for the alert, I need to change just a few.

Yuzu 02/24/17 1:36 am

Shit. I use some of these websites but I don't have accounts on most of them. Hopefully I have nothing to worry about, but I should probably change a few just in case....

Genevra 02/24/17 1:20 am

Thank you for the heads-up!

Zii 02/24/17 12:59 am

Oh jesus.
That's literally a list of every site I've ever used. OUCH
I have a lot of work to do now....

Serecino 02/24/17 12:58 am

Yipes, thanks for the heads up. I hadn't even heard mention of this outside from you guys, and I'm glad you informed us. D:

FCoD 02/24/17 12:54 am

Thanks staff, I've begun the arduous task of changing a bunch of stuff. I also now have a headache. sigh

youngexplorer 02/24/17 12:39 am

I never heard of any of those sites.

diehard67 02/24/17 12:32 am

I for one am impressed that subeta uses proper hashing for passwords rather then using reversable encryption.

and that they are strait up with users and don't sit on this stuff.

thenx 4 the heads up

Rocketlauncher 02/24/17 12:26 am

Ah Cloudflare, the Microsoft of the internet.
Thanks for the heads up!

Pagan 02/24/17 12:24 am

Thank you for putting the players first. I really appreciate it.

Redwolflake15 02/24/17 12:23 am

thanks ;-;

Darkrai 02/24/17 12:21 am

Thank you for mentioning this!

I have no idea what I have that could be affected but I'll change everything I can think of anyway

Stiles 02/24/17 12:20 am

Thanks Obama.

Snowflake 02/24/17 12:18 am

thanks for letting us know!

SnappytheRoyalMoongod 02/24/17 12:18 am

Thanks for the alert.

shylarah 02/24/17 12:17 am

Be aware that Discord is affected, and if you've connected Discord to other sites or applications those may be compromised as well. I've had a couple friends whose skype has been messed with because it was linked to their Discord. Granted, it was believed a Discord plugin was to blame, and I don't know the intricacies of this, but might be a good idea to unlink any other accounts and change passwords for all of them.

Curbstomped 02/24/17 12:16 am

Oh, jeez. That sucks. Thanks for the update!

arixen 02/24/17 12:14 am

I just heard about this and was about to change my password. Thanks, as always, for being on top of the important things and looking out for Subeta's users.

Ivyana 02/24/17 12:13 am

Thank you for the warning!

EagleWing 02/24/17 12:11 am

Thank you.

Lantern 02/24/17 12:11 am

Well damn

CastlesInTheSky 02/24/17 12:11 am

a name of one of my scroll sets I made ages ago.
"CLOUDFLARE F**KING SUCKS!!!"

elephants 02/24/17 12:10 am

Thats... huge. Much bigger than Subeta. Many of the biggest sites are using Cloudflare. Period. At least according to that Github link, it looks like over 1000 of the top 10000 websites (by Alexa rating) on the entire internet. Good luck guys, and try to stay safe.

Vars 02/24/17 12:09 am

ugh thank you!! time to change my someecards dot com password RIP

Sydney 02/24/17 12:07 am

WOW Thanks! I just changed it 2 days ago. But hey ready to do it again!!!

stardust 02/24/17 12:07 am

Thank you for the warning, sorry this happened. ;u;

crashingnightingales 02/24/17 12:07 am

Thanks for the alert! Fortunately, I'm not really active on any of those sites listed!

Xenalicious 02/24/17 12:07 am

Thanks for the update!

Shelbi 02/24/17 12:07 am

Yikes! Thanks for the alert :o

Shantal 02/24/17 12:06 am

Thanks for the alert!

Bug STAFF 02/24/17 12:05 am

Omg thank you subeta. I would not have found out about this until tomorrow, if it were not for this news post. I have stuff on a couple of the other websites affected so this was super good to know. So yay, thank you Subeta for telling me about this lol...

DevilsRider 02/24/17 12:05 am

Thanks

Owl 02/24/17 12:04 am

Thanks!

TheCryptKeeper 02/24/17 12:04 am

Thank you for the alert Keith.
Sorry that this happened, it means a rush of work for you and the staff.

Straywillow 02/24/17 12:04 am

Thanks for the alert!

twishu 02/24/17 12:03 am

Thanks for the alert.

Leave Comment

Comments are currently on a short cache, meaning your comment may take a few minutes to show up after you post it.