The web performance and security company Cloudflare has a software bug that released personal account details of its clients. Thanks to the bug, users of Uber, OkCupid, and FitBit had their passwords, emails, and messages exposed. The bug was found by Google security researchers, saying Cloudflare's software sends user's data to their browsers when opening webpages hosted by the site, according to Tavis Ormandy, researcher on Google's Project Zero security team. The leaks started around the end of September, but it was most active from February 13 to February 18, when it was discovered. John Graham-Cumming, Cloudflare CTO, mentioned that the problem had been fixed quickly, with majority of the leaked data removed from Google and other search engines.