Dropbox investigates possible security breach

20 juillet 2012

Dropbox, a cloud-storage facility that allows files to be uploaded and shared remotely by users, may have been targeted by cybercriminals and spammers.

On July 16, according to CNN, European users started complaining that their emails were starting to fill with spam mail that appeared to be generated by internet gambling sites. The next day, Dropbox was unavailable for 60 minutes and messages posted on the website's forums suggested that the two incidents were related to issues of cloud computing data security.

According to Dropbox, the outage was "incidental and not caused by any external factor or third party," but the deluge of spam mails the day before may have forced the company to carry out an internal investigation to determine whether or not there had been a security breach. The company has vowed to "leave no stone unturned" to find the source of the problem, and has brought in an external team of experts to facilitate the investigation.

Dropbox is used by approximately 50 million users every day, and, according to the company, over a billion files are uploaded to the data-storage facility every 48 hours.

"While we haven't had any reports of unauthorized activity on Dropbox accounts, we've taken a number of precautionary steps and continue to work around the clock to make sure your information is safe," the company posted on its message board.

Since the service launched in 2008, it has grown in popularity, and while the ability to easily access documents remotely has seen Dropbox become a leader in the field of data storage, the company has experienced a glitch in the past. Last year, a coding error allowed users to log into any other Dropbox users account with a random password, a situation that lasted for four hours before the company managed to rectify the problem.

Companies such as Amazon, Apple and Google are all pushing toward the cloud, but some security analysts believe that hackers could find the availability of so much stored data too good an opportunity to miss.

President Obama has been pushing Congress to approve web security legislation aimed at addressing the "most serious economic and national security challenge that America faces" and in a recent opinion piece for the Wall Street Journal, the President was under no illusions as to the scale of the problem. According to the BBC, he believes that cybercriminals and foreign governments are "probing America's net defenses every day."

"It would be the height of irresponsibility to leave a digital back door wide open to our cyber-adversaries," he wrote in the newspaper's editorial column on July 19.

-McAfee Cloud Security