Dropbox Confirms Security Breach

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
According to this post on the company blog, Dropbox discovered of a security breach after receiving complaints about spam from its users. If you have a Dropbox account, now would be a good time to update your password.

A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam. We’re sorry about this, and have put additional controls in place to help make sure it doesn’t happen again.
Click to expand...
 
The blog states no passwords were actually stolen from Dropbox itself, just a list of e-mails (gained by passwords apparently stolen elsewhere and matched to Dropbox accounts). Still a good idea to change your password, but it seems like a case of password re-use across sites/services biting people in the ass and sucking Dropbox in.
 
Geotagged pics could be a security hazard, tho chances are whomever's phishing for account passwords could probably care less where you work/hang out.
 
That is true, I don't take enough pictures to warrant backing them up, if I lose them so be it.
However even if I were to back them up, I have it to not tag locations of which they were taken.
 
Didn't see this coming at all:rolleyes:

And then the users in our office wonder why we have a shit fit about them using this service for sensitive information?
 
Outamyhead said:
And then the users in our office wonder why we have a shit fit about them using this service for sensitive information?
Click to expand...
Never ceases to amaze me how people use commercial, end-user services for business use and are shocked when there are security breaches, failure, outages ... like how pose for nude pictures and are surprised when they leak, never backup anything and blame a tech for losing their data, etc. Simple and easy are the only measures of quality to most folks :rolleyes:

That said, there were some user accounts hacked, but these were folks reusing passwords that were hacked from other sites, so I feel for Dropbox taking the heat here - all they're at fault for is letting some users get spammed, they weren't at fault for any sort of data breach.
 
matt9669 said:
... I feel for Dropbox taking the heat here - all they're at fault for is letting some users get spammed, they weren't at fault for any sort of data breach.
Click to expand...

Read the blog/article. An employee losing customer email addresses seems like a data breach to me.

FTA:
A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses.
 
You must log in or register to reply here.
Back
Top