
MaxMind's email to customers in response to Cloudbleed - skyisblue
Dear MaxMind customer,<p>On February 23, Cloudflare announced a bug that caused certain traffic sent through their servers to leak from memory, potentially exposing sensitive data. MaxMind is a Cloudflare customer and uses their content delivery network for our primary website, GeoIP2 Precision JavaScript service, and GeoIP&#x2F;GeoLite database download servers.<p>This means that if you interacted with the MaxMind website, used the GeoIP2 Precision JavaScript API, or downloaded a database from us between September 22, 2016 and February 18, 2017, the associated activity could have leaked and been compromised. This includes usernames and passwords, license keys, and IP addresses for the website and database downloads and referrers and client IPs for the GeoIP2 Precision JavaScript API.<p>As a precaution, we recommend that you login to your MaxMind account as soon as possible and change your password.<p>Cloudflare has informed us that they have no evidence that MaxMind data leaked into third-party caches. We also have no evidence that any MaxMind accounts were compromised, and traffic to our minFraud and GeoIP web services was unaffected as these services do not use Cloudflare servers. We are continuing to monitor the situation for any updates.<p>You can read more about the Cloudflare bug on TechCrunch. Please get in touch with any questions.<p>Regards,
MaxMind
======
cauterized
They don't support cycling license keys, as we discovered yesterday. What a
mess.

Can anyone suggest any alternatives?

