SAN FRANCISCO – Cloudbleed is the latest internet bug that puts users private information in jeopardy. News of the bug broke late on Thursday, but there is already a lot of confusion about it and the actual impact it has on people’s information.

Cloudbleed is the name of a major security breach from the internet company Cloudflare that leaked user passwords, and other potentially sensitive information to thousands of websites over six months. The Register describes it as “sitting down at a restaurant, supposedly at a clean table, and in addition to being handed a menu, you’re also handed the contents of the previous diner’s wallet or purse.”

The name comes from Tavis Ormandy of Google’s Project Zero, who reported the bug to Cloudflare and joked about calling it Cloudbleed after the 2014 security bug Heartbleed.

Heartbleed affected half a million websites, whereas at this time only 3,400 websites are believed to have had the Cloudbleed bug.

But here’s the potentially scary part. Those 3,400 websites leaked private data that came from other Cloudflare clients. So the actual number of websites actually affected could be much higher.

Even though you might not be familiar with the name Cloudflare, chances are a website you’ve visited uses the company for security or information delivery.

At this point, we know that Uber, Fitbit and OKCupid were three directly affected, but there’s thousands more.

In response to news of the leak, companies have taken to Twitter to acknowledge the bug and reassure their customers.

Think of Cloudbleed like a person surviving a heart attack. It’s scary and it will require changes to prevent it from happening again. But the worst of it is over, for now.

If there is an upside to this story, it’s that Cloudflare stopped the bug within 44 minutes of finding out about it and fixed the problem completely within 7 hours.

However, the bug is believed to have affected websites going as far back as September with the height of the breach occurring between Feb. 13 to 18. So there will be ripples of consequential fallout as companies learn about the bug and whether their customers’ information was involved.

Cloudflare provides essential internet infrastructure and security to millions of websites. On its website, Cloudflare lists Nadaq, Bain Capital, OKCupid, ZenDesk and Cisco among others under its “Trusted by” section.

To learn more, click on https://www.cnet.com/news/cloudbleed-uber-fitbit-okcupid-cybersecurity-password-information-exposed-wide-reaching-flaw/?ftag=CAD2e9d5b9&bhid=20102274281679224800074149012732