Dropbox details security breach that caused spam attack
Published: 1st Aug 2012 14:33:57
Online storage service Dropbox has given details of a security breach that led to many of its members receiving unsolicited emails.
A stolen password had been used to access an employee's accounts allowing a "project document" containing user emails addresses to be copied, it said.
The US company added that usernames and passwords stolen from other sites had also been used to sign in to some of its members' accounts.
It has adopted new security measures.
These include automated systems to spot suspicious activity and a new page allowing users to examine earlier log-ins to their account.
It has also advised users to create a unique password for each internet site and service they sign up to, and is offering its members the option to use two-factor authentication - which could involve using both a password and a code texted to their phone to gain access.
The problem came to light last month after hundreds of its users complained they had received unsolicited email via the addresses they had registered their Dropbox account to.
The firm said at the time that it had called in a third-party to investigate.
Dropbox declined to reveal how many of the accounts had been compromised. Its site says it has more than 50 million users and is installed onto 250 million devices.
The security company Sophos branded the breach "a mixture of poor practice both inside and outside the organisation".
Several of the storage site's users also expressed concern. Some questioned why their details had been stored in an insecure location.
"What was a staff member doing with user's email addresses in such a way?" asked one user on the comments section of Dropbox's blog.
"If you had any regard for the privacy of your users you keep those addresses where they belong: locked away in a database," wrote another.
The problem comes at a challenging time for the firm. Google recently launched Drive - its own online storage service offering more "free" space to new sign-ups who only apply for a basic service.
Amazon's Cloud Drive also offers US customers 5GB of free storage, compared with Dropbox's 2GB, although the latter's members can boost their capacity by referring friends.
Microsoft is promoting its rival Skydrive service by integrating it into its new Outlook.com webmail product. Apple has introduced iCloud storage to Mac owners who have downloaded its latest system. And other start-ups, including SpaceMonkey and Owncloud, are offering storage solutions that avoid risks involved with uploading material to external cloud servers.
"The fact that this isn't the first time that Dropbox has been stung by a security breach is a cause for concern for both its corporate and consumer customers," Chris Green, principal technology analyst at Davies Murphy Group Europe told the BBC.
"The online storage market has become much more competitive since it launched in 2008.
"What Dropbox has in its favour is its size and - despite the breaches - it retains a lot of goodwill. But this is yet another example that cloud storage is still not trustworthy enough for critical and sensitive information."
At 04:58:53 in HeadlinesAn explosion at a factory in eastern China has killed at least 65 people, according to Chinese state media.
At 03:59:13 in HealthA campaign for a baby with Down's Syndrome left with his surrogate Thai mother by an Australian couple has raised over $120,000 (£70,000).
At 03:50:50 in EnglandWhen you cannot afford every thing through your salary income if emergency cash requirement middle of month then consider fast quick payday loans same day services for UK people who want to loans up to 1000 pounds in your bank account less than 15 minutes.When unforeseen expenses crop up at the weekend in your life and you don't have no funds left in your pocket to manage unavoidable excess expenses then it will be difficult to handle them on time. Don't worry! For covering up extra payments at the weekend is probable. Right now you can go for weekend payday loans for bad credit.
At 03:03:37 in WorldBritain is to temporarily close its embassy in the Libyan capital, Tripoli, because of worsening violence.
At 02:30:08 in EnglandHundreds of cobbles in a Manchester square are to be photographed to ensure they are returned in the same position once a new tram link has been built.
At 02:12:09 in EnglandThe remains of a grand Hampshire house destroyed during the English Civil War are being unearthed for the first time in more than a century.
At 01:47:29 in HeadlinesJournalists in Mexico have criticised a new law that restricts crime reporting in north-eastern Sinaloa state.
At 01:46:42 in EnglandFriendly, eclectic and organised by a fireman, the first-ever Cambridge Folk Festival could easily have been the last. Half a century later, and the festival taking place this weekend is known around the world as a premier music event.
At 01:43:48 in EnglandSome of the 20th Century's best-known "concrete cities", such as Birmingham, Hull, Portsmouth and Coventry, are embarking on major regeneration work. But as the bulldozers move in, what is being lost?
At 01:43:16 in HeadlinesForeign drivers are costing councils millions of pounds every year due to unpaid parking fines, the Local Government Association says.
Harvard CitationBBC News, 2012. Dropbox details security breach that caused spam attack [Online] (Updated 1st Aug 2012)
Available at: http://www.ukwirednews.com/news/1443939/Dropbox-details-security-breach-that-caused-spam-attack [Accessed 2nd Aug 2014]
News In Other Categories
A gardener says he feared losing his leg after being bitten by a false widow spider hiding in a Vale of Glamorgan shed.
The Uber taxi app is "competing unfairly" with London's black cabs, senior Labour MP Margaret Hodge says.
One hundred years ago this summer Britain and her Empire stood on the brink of war. Frantic last-minute diplomacy had come to nothing - and armies were mobilising across Europe.
With the centenary of Britain joining the First World War approaching, communities around the country are preparing to mark the anniversary in their own way.
The incoming music director of the English National Opera (ENO) has said the company will keep taking risks in spite of funding cuts.
An explosion at a factory in eastern China has killed at least 65 people, according to Chinese state media.