Cloudflare & FastMail: Your info is safe

This week, Cloudflare disclosed a major security breach, affecting hundreds of thousands of services’ customer security. While FastMail uses Cloudflare, your information is safe, and it is not necessary to change your password.

The Cloudflare security breach affects services using Cloudflare to serve website information. When you go to our website (or read your email, or send your password), you are always connecting directly to a FastMail server. We use Cloudflare to serve domain name information only, which does not contain any sensitive or personal customer data.

However, while we do not advocate password reuse, we accept it happens. If your FastMail password is the same as any other web service you use, please change them both immediately (also, use a password manager, and enable two-step verification)! For more information about passwords and security, check out Lock Up Your Passwords and our password and security blog series, starting here.

For more information on the Cloudflare security breach, please check out their blog. Why does FastMail use Cloudflare? DDOSes that target our DNS can be mitigated with Cloudflare’s capacity. If you have any other questions for us, please contact support.

This post had been amended to add remediation instructions in the third paragraph for users who may have a reused password.

Older post Ghost of blog posts past
Newer post FastMail Customer Stories – CoinJar
How Xavier uses Fastmail to customize his inbox
01 Sep 2023 Customer Stories

Fastmail customer, Xavier, gets the most out of his email account by using Fastmail Identities, Aliases, and Masked Email!

Why Folders Are a Great Email Organization Tool

Fastmail Folders are the perfect organization tool for customers that love an empty inbox. Moving messages into customized folders is a quick way to keep your inbox tidy.

Fastmail’s Contributions to the Future of Email at the Perl Toolchain Summit

Fastmail CTO, Rik Signes, and Backend Team Lead, Matthew Horsfall, joined world-class open-source developers at the annual Perl Toolchain Summit.