Cloudflare Memory Leak Disclosure and Impact

Posted By: Brian Farrell

Last Updated: Friday February 24, 2017

As many of you are aware a recent Cloudflare memory leak was reported. This exploit resulted in sensitive encrypted data being viewable in plaintext primarily through major search engine caches but potentially in realtime as well. As of this posting the exploit has been fixed and we’re told no further disclosures are occurring.

Hawk Host utilizes Cloudflare services for its own web properties. We have searched extensively for any indication that our customers data was disclosed and have so far found no sign that we were personally affected by this exploit. We have also been told by Cloudflare directly that there is no indication from their side that our websites or properties were involved in the leak. We will continue to ensure this is the case through both our own research and working with Cloudflare and any new information they can provide us.

Despite there being no indication of information disclosure from our websites or properties we strongly recommend all customers change their passwords just to be safe. Please use the following URLs to complete your resets:

Client Area Password Reset URL Forums Password Reset URL

For additional information regarding this exploit please refer to the following resources:

Official Cloudflare Incident Report Initial Google Project Zero Issue Hacker News Discussion

Ready to get started? Build your site from
$2.24/mo
GET STARTED NOW