Dropbox confirms accounts compromised, adds security features

Dropbox confirms accounts compromised, adds security features
A few weeks ago, popular cloud storage service Dropbox started receiving mails from users regarding spam mails being sent to their Dropbox mail accounts.Dropbox has now confirmed that hackers had indeed stolen usernames and passwords from other third-party sites and used them to access accounts of Dropbox users.

The company confirmed via their own blog stating,"Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We've contacted these users and have helped them protect their accounts."

Users first noticed the issue last month, posting on Dropbox's web forum saying they received spam from email addresses only associated with Dropbox. Dropbox started investigating the issue when 295 people had already posted regarding the problem. Most of the posts were from users of Germany, Holland and the U.K.

As for the spam, the company stated that one of these stolen passwords allowed someone to access a project document in a Dropbox employee's folder that contained multiple user email addresses. And that this particular access led to spamming.

Dropbox has now beefed up its security by putting additional controls in place:

  • Two-factor authentication, a way to optionally require two proofs of identity (such as your password and a temporary code sent to your phone) when signing in. (Coming in a few weeks)
  • New automated mechanisms to help identify suspicious activity. We'll continue to add more of these over time.
  • A new page that lets you examine all active logins to your account.
  • In some cases, we may require you to change your password. (For example, if it's commonly used or hasn't been changed in a long time)
The online storage service further recommends users to set a unique password for each website they use. Since most users have the same password for multiple accounts, Dropbox feels that all those other accounts are also at risk.
Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Law firm accuses Zynga of failing to disclose key data
UBS's huge Facebook loss throws doubt on Nasdaq plan

Related Stories

Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2021. All rights reserved.
Listen to the latest songs, only on JioSaavn.com