Pinterest Stumbleupon Whatsapp

Online storage service Dropbox 5 Cool Apps That Make Dropbox Even More Useful 5 Cool Apps That Make Dropbox Even More Useful Read More recently confirmed that an error made it possible for users to access accounts without the correct password. All a user needed to know was the email address tied to the account he or she wanted to access, as any password – including a blank one – would allow access. The security flaw was introduced at 1:54 PM pacific daylight time and was live for nearly four hours before being patched at 5:46 PM. According to Dropbox, the problem was introduced into the authentication system during a code update.

The company stated that only 1% of its accounts were accessed during the security vulnerability’s window and that an investigation into the circumstances surrounding the error is now underway. Although the 1% figure doesn’t sound serious, Dropbox has about 25 million users, so this means that about 250,000 accounts were accessed while the issue was live.

Flaws of this nature are a serious problem for Dropbox, as the service is used by many organizations (including MakeUseOf) to share information related to ongoing projects. The service has come under fire in recent months for a number of security related issues, including misleading statements about file encryption Dropbox Accused Of Lying To Users Over Data Security [News] Dropbox Accused Of Lying To Users Over Data Security [News] Dropbox has recently revised its claims on how securely they maintain user data, prompting a lawsuit claiming that Dropbox has misled its customers about its privacy policy and encryption processes. Read More that eventually resulted in a formal complaint by the FTC.

There are a couple of things you can check to make sure that your Dropbox account was not compromised during those critical 4 hours.

  • First of all, check this page which goes into detail about all the recent activity in your Dropbox account. It will show you if someone has removed or added any files to your account without your knowledge and permission, as well as if any of your files were shared with anyone.
  • This page shows all the computers and mobile devices which are currently linked to your account.  See a computer or device you don’t recognize?  Or has one of your computers or mobile devices been removed? Then someone has probably accessed your account.  Boot them off and change your password immediately.

Source: CNET


Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Anonymous
    June 25, 2011 at 9:32 am

    Good article – here is another Cloud Storage solution that lets your computer to fully encrypt your files before sending out:
    With SugarSync, you get 5GB of cloud storage space with the FREE version, but now there is no restriction to the number of computers you can sync/backup (up from 2).
    It gives you the ability to upload and sync any folder on your computer.
    It is the only service that offers such a broad device and OS support with apps for BlackBerry, Android, iPhone/iPad, Symbian, not to mention your computer!
    You can also stream MP3 music files to your smartphone or computer.

    Also if you use the below referral code you get a bonus 500MB extra on top of your Free 5GB!

    Hope this helps someone!

  2. Michael
    June 24, 2011 at 10:09 am

    Easier than Truecrypt (+ uses less space):

    Just zip your documents folder. 7zip wil let you encrypt the zipped folder with a password. Then log in to your Dropbox account and remove old (unencrypted) versions of your documents.
    Tip: It may speed up your daily use if you sort your documents in sub folders and encrypt those in stead of the main documents folder. I'd use the same password for all the zipped folders.

    It only takes a few minutes to set up and then you don't have to care about Dropbox security issues any more.

  3. Barney Durant
    June 24, 2011 at 12:32 am

    I think it is a great chance for 4shared Sync to be noticed by community coz they are really better than dropbox. 4Shared sync provides 15 Gb free storage space.

  4. Franco Caorlini
    June 22, 2011 at 4:49 pm

    My advise is alwais use software as truecrypt to store personal files in this kind of software as a service

  5. Oth'niel Nethinim
    June 22, 2011 at 4:33 pm

    glad i did not store anything confidential inside...