Simwood, along with many companies, has used Cloudflare to provide an additional layer of protection to some of our web-facing services (e.g. the portal and API). In light of the vulnerability reported on Friday 24th February, we have reassessed this and made the decision to move our services away from Cloudflare.
We have had no reports of any incidents relating to this, and Cloudflare have confirmed that our domain is not one where any exposed data has been discovered. Furthermore, Cloudflare have confirmed that this issue has been patched.
We are, therefore, confident that Simwood customers have not been affected by this incident. Nonetheless, security is very important to us, and the potential advantages Cloudflare offered do not outweigh the benefits of controlling our own infrastructure end-to-end, thus avoiding the risk that a third party could leak data submitted to Simwood.
For more information on the incident from Cloudflare, please see https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/