Dropbox Cops to Security Breach, Pledges Measures to Prevent Another

To say that Dropbox was “hacked” is a bit unfair to the popular cloud storage service, if Dropbox’s reasoning is to be believed. The company announced that it has discovered that usernames and passwords that were stolen from other sites were used to log in to a few Dropbox user accounts, and at least one of those accounts belonged to a Dropbox employee whose files contained more user email addresses. As a result, Dropbox users were seeing spam.

It’s good that Dropbox is admitting the security breach, and it’s taking fixing the immediate problem as well as enacting measures to ensure that it doesn’t happen again.



First, Dropbox contacted affected users and “helped them protect their accounts”. Coming within weeks will be a two-factor authentication system, automated mechanisms to warn you of suspicious activity, and the occasional prompt to change your password.

There’s also a new security page that not only shows you which devices can access your account, but also any current Web sessions attached to your account (complete with information on recent activity and an IP address).



In a post discussing the breach and new security features, Dropbox also reminded users that it’s a good idea to use different passwords for various sites and accounts--you know, so Dropbox doesn’t get hacked again.
Via:  Dropbox
Comments
InsideSin 2 years ago

Haha that last line killed me. I have so many variations of the same password that when I don't logon to a specific account for more than a week, I forget which variation I used and end up being locked out of my account for 15 minutes before I can try again.

Post a Comment
or Register to comment