The company stated that only 1% of its accounts were accessed during the security vulnerability’s window and that an investigation into the circumstances surrounding the error is now underway. Although the 1% figure doesn’t sound serious, Dropbox has about 25 million users, so this means that about 250,000 accounts were accessed while the issue was live.
Flaws of this nature are a serious problem for Dropbox, as the service is used by many organizations (including MakeUseOf) to share information related to ongoing projects. The service has come under fire in recent months for a number of security related issues, including misleading statements about file encryption that eventually resulted in a formal complaint by the FTC.
There are a couple of things you can check to make sure that your Dropbox account was not compromised during those critical 4 hours.
- First of all, check this page which goes into detail about all the recent activity in your Dropbox account. It will show you if someone has removed or added any files to your account without your knowledge and permission, as well as if any of your files were shared with anyone.
- This page shows all the computers and mobile devices which are currently linked to your account. See a computer or device you don’t recognize? Or has one of your computers or mobile devices been removed? Then someone has probably accessed your account. Boot them off and change your password immediately.