Comment by sarcasmic
8 years ago
1. rotate passwords, tokens, auth stuff on any and all service you use that may have used CloudFlare in this time period (as of time of writing this list has not been enumerated)
2. hope that no personally-identifiable info or damaging plaintext that can be tied back to you has been exposed, but you will probably never know for sure
3. join class action lawsuits if you so desire and receive the chump change that is your share once they inevitably get settled
4. ponder what it truly means to willingly (or unknowingly) give information to or through a "trusted third-party" who may employ other "trusted third-parties"
5. languish in unsatisfactory answers and outcomes, return to step 2.
I've compiled a list of 7 million+ domains that use Cloudflare here: https://github.com/pirate/sites-using-cloudflare
Including the subset of the Alexa 10,000 that use Cloudflare in the README.
Here is also a non-exhaustive list of websites using cloudflare: https://index.woorank.com/en/reviews?technology=cloudflare