This week it was revealed that the content delivery service provider, Cloudflare, was affected by a systemic vulnerability that leaked sensitive information from secure HTTPS connections. While the actual manifestation of the bug that caused the leak at first glance may seem relatively small, affecting an estimated 0.00003% of all requests to the Cloudflare service, this still represents a relatively large amount of data considering that Cloudflare serves traffic for over 5.5% of all websites.
To make matters worse is that some of this data has been leaked for months and some data was cached by Google, Yahoo, Bing and other search engines. The impact of this vulnerability on Cloudflare’s customers and users could stretch on for months or years as more leaked data is discovered by both cybersecurity researchers and hackers alike.
Keeper does not utilize Cloudflare or any other distributed content delivery network for the delivery of encrypted user data and, therefore, was not impacted by the Cloudflare vulnerability. Keeper is a zero-knowledge security provider – the keys to decrypt your data are always derived on the end-user device from the master password and are never transmitted over the internet. This helps ensure that, even in the event of a data leak occurring in the transport layer, your data will remain secure.