Dropbox Experiences Increased Spam after Employee Account Breach

The cloud storage service Dropbox said Tuesday that the increase in spam e-mail sent to users last month was directly related to an employee account compromise.

"A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses," said Dropbox's  Aditya Agarwal in a blog post.  "We believe this improper access is what led to the spam. We're sorry about this, and have put additional controls in place to help make sure it doesn't happen again."

The spam featured advertisements for an online gambling site aimed at European users written in English, German and Dutch.

In response to this recent breach, the company announced that it has begun implementing new security features into its service.

The first, coming in the next few weeks is a two-factor authentication process that will require two proofs of identity when logging in. This can be something like a user's password and a code sent to the user's cell phone, according to the company.

The company will also be adding a feature that will notify users if "unusual" activity on an account occurs, a new Web page where users can view all logged activity on an account and Dropbox will require users to regularly change their passwords.

Agarwal said that that along with these security additions, users must remember to always adhere to safe online practices.

"At the same time, we strongly recommend you improve your online safety by setting a unique password for each website you use," said Agarwal. "Though it's easy to reuse the same password on different websites, this means if any one site is compromised, all your accounts are at risk."

Last week's breach marks the second time in a little more than a year that Dropbox had been hit by a security breach. Last year an estimated number of 100  customer accounts were exposed for a few hours, allowing anyone to access them without a valid password.

About the Author

Chris Paoli is the site producer for and


  • How To Configure Windows 10 for Intel Optane Memory

    Intel's Optane memory technology can significantly improve the performance of your Windows 10 system -- provided you enable it correctly. A single mistake can render the system unbootable. Here's how to do it the right way.

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

  • How To Automate Tasks in Azure SQL Database

    Knowing how to automate tasks in the cloud will make you a more productive DBA. Here are the key concepts to understand about cloud scripting and a rundown of the best tools for automating code in Azure.

comments powered by Disqus