The Schwartz Cloud Report

Blog archive

Dropbox Leaves Doors Unlocked

Dropbox warned customers of its cloud-based storage service that some accounts were exposed for several hours on Sunday. The accounts were accessible to anyone without the correct password.

The company said fewer than 1 percent of all accounts were exposed during a four-hour period. The exposure was the result of a code update to the software authentication mechanism of the service, in which a bug was introduced.

"This should never have happened," said Dropbox CTO Arash Ferdowsi in a blog post. "We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again."

The company is investigating whether accounts were improperly accessed, and account owners will be notified if there was unusual activity, Ferdowsi noted.

Posted by Jeffrey Schwartz on 06/22/2011 at 1:14 PM

comments powered by Disqus

Reader Comments:

Sat, Jun 25, 2011 w0qj

Good article – here is another Cloud Storage solution that lets your computer to fully encrypt your files before sending out: With SugarSync, you get 5GB of cloud storage space with the FREE version, but now there is no restriction to the number of computers you can sync/backup (up from 2). It gives you the ability to upload and sync any folder on your computer. It is the only service that offers such a broad device and OS support with apps for BlackBerry, Android, iPhone/iPad, Symbian, not to mention your computer! You can also stream MP3 music files to your smartphone or computer. Also if you use the below referral code you get a bonus 500MB extra on top of your Free 5GB! Hope this helps someone!

Fri, Jun 24, 2011 M S Lanzi Newark, Delaware

Unfortunately, many companies are cutting corners in order to compete. They can't afford to stand up development environments and can't afford to staff test engineers to perform complete and thorough testing to move from development to beta environment which could have prevented this issue.

Fri, Jun 24, 2011 Dan Iowa

"Fewer than 1%", "for several hours", "shouldn't have happened and we'll take steps to make sure it doesn't happen again..." Tranlation: OK so we had a security issue. You probably don't need to worry, and from now on we promise we will be secure. No really... this time we mean it.

Fri, Jun 24, 2011 JSIMON

I am bewildered with the fanaticism that proponents of the cloud have when time after time major failings of cloud services appear. These interruptions and security breaches are serious and should have any CIO thinking before making the decision to “off-shore” their company’s data.

Thu, Jun 23, 2011 brendan speet Australia

Drop box is my favourite app at the moment with my iphone ipad and pc for sharing non business material all said this seriously isnt good enough as a provider and is a good example of why business strugles to make the decision to move to the cloud. Ive had amazon loose servers without notice, jungle disk go off line twice in the last 2 months.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.