Change your passwords!

dmurphy

Administrator
ServUO Developer
I am going to prefix this announcement with this: No data has been leaked from ServUO's servers.

Earlier today CloudFlare made this blog post. Basically they made a boo boo and a very tiny amount of traffic going through cloudflare may have been cached by search engines when it should not have been. This data can contain sensitive data including session and cookie information.

Cloudflare is used by a lot of very big websites out there. ServUO is just one site out of hundreds of thousands. All of these sites would have been open to this issue so it is very important that you change your passwords not just on ServUO but on any other website you frequent too. If those sites offer 2 factor authentication it is recommended you turn it on. If you would like to turn this on for ServUO you can do so here: https://www.servuo.com/account/two-step

I have invalidated all sessions and cookies previous to this post. You should all be asked to log in again.

This is a great reminder though that we should change our passwords frequently!

You can find a list of sites that may have been affected by this issue at this github page: https://github.com/pirate/sites-using-cloudflare