Dropbox Issues Outage Post-Mortem But Makes No Mention Of DDoS Attack

This weekend, Dropbox experienced an outage that lasted far too long. A wing of hacker collective Anonymous claimed credit for the outage, saying it performed a database hack, which turned out to be a hoax. However, the group maintained that it did hit Dropbox with a DDoS attack, which was timed to coincide with the site’s scheduled maintenance.

Dropbox has strongly denied the hack, but it hasn’t said anything about the claim of a DDoS attack, which seems odd. The company has talked around it by carefully describing the post-mortem.

“On Friday at 5:30 PM PT, we had a planned maintenance scheduled to upgrade the OS on some of our machines. During this process, the upgrade script checks to make sure there is no active data on the machine before installing the new OS,” reads the post-mortem blog post in part. “A subtle bug in the script caused the command to reinstall a small number of active machines. Unfortunately, some master-slave pairs were impacted which resulted in the site going down.”

Dropbox outage
Credit: TechCrunch

Thus, Dropbox maintains that the entire outage was due to internal issues and had nothing to do with external factors. It’s possible that the group that claimed the hack, The1775Sec, is also lying about the DDoS attack, but we wish that Dropbox would address those claims nonetheless.

Dropbox said that, as of last night at 10:23pm EST, service has been restored for everyone despite a few lingering issues with the Dropbox photos tab.

Outages of this sort from a cloud service provider, whether due to internal problems or external attacks, are bad news for both the provider and its users. Dropbox may have lost itself some customers this weekend because of it and the way it’s failed to address some of the claims of external attacks.