Incident report on Cloudflare parser bug
Cloudflare reported last night a bug in their service which could have leaked information from the services using their edge cache servers.
Feedly uses Cloudflare as a security shield which increases the reliability and performance of the Feedly web application. As such, Cloudflare informed us it is possible that some of the Feedly Web request performed between Feb 13 and Feb 18 might have been impacted by the information leak.
Despite the 1 in 3,300,000 chances of being impacted, we recommend to be extra cautious and take the following actions:
1/ If you are using the Feedly login/password, change your password. Go to the Logins page and change your password. Note: if you are using a third-party login option like Google, Facebook, or Twitter, you are NOT impacted and do not need to change your password .
2/ Logout and log back in. On Feedly Web, click on the face bubble icon (at the top right of the screen), select the logout option and then log back in. This will invalidate your old session/cookies and create a brand new one.
Our engineering team has a follow up call with the Cloudflare team later this afternoon and we will update this post if we learn anything that changes these recommendations.
We want to thank the Cloudflare team for how well they handled this situation. It is how you manage exceptions that defines your brand, and Cloudflare did really well despite what might have been a very stressful moment for them. We look forward to continuing to work with them to make Feedly safer and more reliable.
Please let us know if you have any questions.
-Seb, David, and Edwin The third party login authentication is performed via OAuth. You login directly with those 3rd party sites and Feedly only gets an authentication token. One of the benefits of OAuth is that Feedly or Cloudflare never get to see your third party passwords.
Source: Follow 数字で見るドッカンバトル！攻略情報まとめ