Cloudflare & FastMail: Your info is safe

This week, Cloudflare disclosed a major security breach, affecting hundreds of thousands of services’ customer security. While FastMail uses Cloudflare, your information is safe, and it is not necessary to change your password.

The Cloudflare security breach affects services using Cloudflare to serve website information. When you go to our website (or read your email, or send your password), you are always connecting directly to a FastMail server. We use Cloudflare to serve domain name information only, which does not contain any sensitive or personal customer data.

However, while we do not advocate password reuse, we accept it happens. If your FastMail password is the same as any other web service you use, please change them both immediately (also, use a password manager, and enable two-step verification)! For more information about passwords and security, check out Lock Up Your Passwords and our password and security blog series, starting here.

For more information on the Cloudflare security breach, please check out their blog. Why does FastMail use Cloudflare? DDOSes that target our DNS can be mitigated with Cloudflare’s capacity. If you have any other questions for us, please contact support.

This post had been amended to add remediation instructions in the third paragraph for users who may have a reused password.

Older post Ghost of blog posts past
Newer post FastMail Customer Stories – CoinJar
Three Exciting Updates to Your Fastmail Calendar 

New Years’ is the time for making plans! We are excited to announce that we have made some updates to Fastmail’s calendar to help you along the way.

Best Private Browsers to Protect Your Online Privacy 

You may still be tracked even while using a “private” window like Incognito or VPN. Here are the best private browsers to protect your privacy.

These 9 Privacy-Friendly Tech Tools Will Boost Your Productivity 

Introducing nine privacy-friendly tools to control more of the information you are sharing with third parties.