Who is affected?
In total there are 4,287,625 domains that are potentially affected by the Cloudbleed flaw in the five months (9/22/16 – 2/20/17) Cloudbleed went undetected. Affected websites include Uber, Yelp, OkCupid, Patreon, Digitalocean, Glassdoor, and Fitbit. A complete list can be found here. Additionally mobile security firm NowSecure has reported a list of 200 iOS apps that may be affected as well.
What can you do about the Cloudbleed bug?
It is highly suggested that internet users change the passwords to their accounts, especially if they use the same password across multiple sites. It is also suggested that two-factor authentication is used when available. Websites such as lastpass and 1password can be used to maintain secure passwords across all sites.