#feedback

2/24/2017 11:48:09 AM
6

Bungie.net is affected by the CloudFlare security leak.

TL;DR: Bungie is using CloudFlare, which is a service to cache/speed up pages. And it has a massive security leak. How is it affecting Bungie.net, the API, integrations, Xbox/PlayStation integration and what not?

Longer version: CloudFlare released a statement where a memory leak in their parsers could result in leaking private information. This included HTTP headers, chunks of POST data (perhaps containing passwords), JSON for API calls, URI parameters, cookies and other sensitive information used for authentication (such as API keys and OAuth tokens).

I quickly checked the Bungie.net DNS servers to see if they were using CloudFlare:

[quote]dig bungie.net NS
; <<>> DiG 9.8.3-P1 <<>> bungie.net NS
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64523
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;bungie.net. IN NS
;; ANSWER SECTION:
bungie.net. 86400 IN NS ben.ns.cloudflare.com.
bungie.net. 86400 IN NS lucy.ns.cloudflare.com.
;; Query time: 30 msec
;; SERVER: 192.168.192.1#53(192.168.192.1)
;; WHEN: Fri Feb 24 12:20:15 2017
;; MSG SIZE rcvd: 82[/quote]

Which appears to be the case. How does this security leak affect Bungie? Could we assume that all OAuth 2 accessTokens will be revoked and refreshed? Could OAuth handshake information be leaked between PlayStation/Xbox services and Bungie?
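The nameserver check described in the post, as an added example that is not part of the original post: a small filter that reads `dig <zone> NS` output and reports which nameservers sit under `ns.cloudflare.com`, useful when deciding which zones' credentials to review. The function and sample names are hypothetical; the first sample is the answer section from the post and the second is constructed.

```shell
#!/bin/sh
# Added example: decide from `dig <zone> NS` output whether a zone is
# delegated to Cloudflare nameservers. Reads dig output on stdin, prints each
# matching nameserver, returns 0 if any matched and 1 otherwise.
cloudflare_ns() {
    awk '
        /^;/ || NF < 5 { next }        # dig comments, question line, blanks
        toupper($3) == "IN" && toupper($4) == "NS" {
            host = tolower($5)
            sub(/\.$/, "", host)        # drop the trailing root dot
            # Anchored suffix match, so lookalikes such as
            # "ns.cloudflare.com.example.net" are not counted.
            if (host ~ /\.ns\.cloudflare\.com$/) { print host; hit = 1 }
        }
        END { exit (hit ? 0 : 1) }
    '
}

# Answer section copied from the dig output in the post above.
sample_post_answer() {
    cat <<'EOF'
;; QUESTION SECTION:
;bungie.net. IN NS
;; ANSWER SECTION:
bungie.net. 86400 IN NS ben.ns.cloudflare.com.
bungie.net. 86400 IN NS lucy.ns.cloudflare.com.
EOF
}

# Constructed records for a zone that only looks like a Cloudflare one.
sample_lookalike_answer() {
    cat <<'EOF'
example.net. 3600 IN NS a.ns.cloudflare.com.example.net.
example.net. 3600 IN NS ns1.notcloudflare.com.
EOF
}

# Stand-alone run on the sample from the post; for a live check, pipe real
# dig output into the function instead: dig example.org NS | cloudflare_ns
sample_post_answer | cloudflare_ns
```

Cloudflare nameservers show who hosts the zone's DNS; they do not by themselves show that a given hostname's HTTP traffic passed through the proxy.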
