You may have read in the press that Cloudflare - a service provider that Wise uses - was affected by a bug. That bug meant some of Cloudflare’s customer data was exposed.
As soon as we were aware of this, we got in touch with CloudFlare to establish whether Wise data was affected. We also launched our own checks.
We’ve done a full investigation alongside Cloudflare, and we are confident that Wise customer data is safe. We've included a detailed explanation at the bottom of this post.
What does Wise do to protect customer data?
We’ve got a specialised, in-house team that look after security. It’s their job to keep customer data watertight. They continually review and update our processes to ensure the integrity of our platform.
On top of that, we’re constantly monitoring and testing all of our services. This makes sure that our customers’ data is secure - and always protected. Plus, all communications between customer devices and our platforms are encrypted.
You can read more about our security systems on our FAQs.
Do I need to change my Wise password?
No, you don’t need to. But this is a good time to recap on some password best practice:
Make sure it’s strong - a strong password is long, made up of numbers and symbols, as well as both uppercase and lowercase letters.
Use different passwords across different websites and services - this means that if someone who isn’t you gets your password, they can only use it on one website.
We thought we'd share some of the background to how we deal with technical issues like the Cloudflare bug that was reported overnight.
It’s an extremely serious issue. There’s also a lot of wild speculation around - especially on social media. So we thought some readers would be interested in the facts.
The Wise team became aware of the Cloudflare bug early this morning. We immediately got in touch with CloudFlare to find out how our services were affected. We also began our own investigation.
What was the issue?
It’s important to note the nature of the leaks. At its peak, roughly 1 in every 3.3 million requests had the potential to leak into someone else's session. These leaks would often result in being rendered in a browser as meaningless characters in the bottom of the screen.
There’s no evidence that anyone was harvesting this transient leaked data for malicious purposes. But the internet has a ‘memory’ in the form of caches maintained mainly by search engines.
In the time between being informed of the bug and it being made public, Cloudflare has been constantly searching these caches for any of the inadvertently leaked information. The greatest threat (given that the bug itself was fixed) was for someone to harvest the leaked data from these caches.
What’s the outcome?
Both the Cloudflare and Wise teams are confident that no identifiable Wise or Wise customer data was found in these caches.
Some of our partners also use Cloudflare. So as a precaution, we’ve reset any credentials that we use to connect to those partners and service providers, such as API tokens. We’ve done this because these credentials are used repeatedly, and that means they’re statistically more likely to have been leaked.
We’ll be closely monitoring this situation over the coming days and weeks. And if you’ve got any questions at all, you can get in touch with us. We're happy to answer your questions.
What is the gender pay gap? The gender pay gap is an initiative from the UK government to help reduce the difference in pay between men and women. Since 2017,...
Wise is welcoming Tan Hooi Ling (Grab co-founder) and Clare Gilmartin (former Trainline CEO) to the board
Covid-19 changed the game when it came to how we all work. Flexibility is now key when we’re looking to attract and retain the very best talent around the...
Wise is building a new way to move money around the world. A way that’s faster and more convenient than the banks that came before us, and at a...
What is the gender pay gap? The gender pay gap is the difference in average hourly earnings between men and women working within the same organisation. The...
TL;DR To the Wise community, We’ve just finished Q4 and have headed into a new year and new decade. It’s time for an update on how much closer we’ve...