Skip to content

Inside DNAnexus

Product updates, industry insights, opinions and references. From the team powering the Genomics Revolution.

Updated DNAnexus Impact Assessment for Cloudbleed: No evidence of exploitation.

As described in our February 27, 2017 blog post regarding the Cloudflare information leak (“Cloudbleed”), a  bug within the code running on Cloudflare edge servers was discovered by a Google security researcher.

Upon further investigation into the use of Cloudflare on DNAnexus we found, on February 27th at 2:39 PM PST, that contrary to what we had indicated in our blog post, HTTP requests to platform.dnanexus.com served by Cloudflare edge servers in some cases included session tokens with authentication information. We revoked all customer session tokens at 5:06 PM PST that same day, at which point all requests to DNAnexus required re-authentication. All existing tokens were unusable after this time.

On February 23rd Cloudflare provided their most recent update and stated that there was no evidence of exploitation; there have been no updates since that deviate from this information. Additionally, Cloudflare has completed analysis of edge server log data, and on March 3rd confirmed that platform.dnanexus.com was not found to have been impacted.

Our CDN usage design has been reviewed and we continue to believe no customer has been impacted by the incident. Any potential new exposure has been eliminated and there continues to be no evidence of exploitation.

We know how critical information security is to our customers so if you have any questions about your account, please do not hesitate to contact our customer support team at support@dnanexus.com.

About DNAnexus

DNAnexus the leader in biomedical informatics and data management, has created the global network for genomics and other biomedical data, operating in 33 countries including North America, Europe, China, Australia, South America, and Africa. The secure, scalable, and collaborative DNAnexus Platform helps thousands of researchers across a spectrum of industries — biopharmaceutical, bioagricultural, sequencing services, clinical diagnostics, government, and research consortia — accelerate their genomics programs.

The DNAnexus team is made up of experts in computational biology and cloud computing who work with organizations to tackle some of the most exciting opportunities in human health, making it easier—and in many cases feasible—to work with genomic data. With DNAnexus, organizations can stay a step ahead in leveraging genomics to achieve their goals. The future of human health is in genomics. DNAnexus brings it all together.