feb 1, 2017 - Cloudbleed
Description:
https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/
In February, the internet infrastructure company Cloudflare announced that a bug in its platform caused random leakage of potentially sensitive customer data. Cloudflare offers performance and security services to about six million customer websites (including heavy hitters like Fitbit and OKCupid), so though the leaks were infrequent and only involved small snippets of data, they drew from an enormous pool of information.
Google vulnerability researcher Tavis Ormandy discovered the problem on February 17, and Cloudflare patched the bug within hours, but the data leakage could have started as early as September 22, 2016. Leaked data was only deposited on a small subset of Cloudflare customer sites, and usually it wasn't visible on the pages themselves. Search engines like Google and Bing that crawl the web, though, automatically cached the errant data—everything from gibberish to users' Uber account passwords and even some of Cloudflare's own internal cryptography keys—making it all easily accessible through search.
Added to timeline:
Timeline of Cyber Security Incidents
Prepared by https://cybersecurity.wtf/
Date:
