July 19, 2012
Dropbox Brings In Outside Team To Investigate Possible Breach
redOrbit Staff & Wire Reports - Your Universe Online
Cloud-storage company Dropbox has hired a team of outside experts to help investigate a spam attack targeted at its users that could be related to a possible breach.
Such an event could indicate the company has been hacked.
“We wanted to update everyone about spam being sent to email addresses associated with some Dropbox accounts. We continue to investigate and our security team is working hard on this. We've also brought in a team of outside experts to make sure we leave no stone unturned,” wrote Dropbox employee "Joe G." on Tuesday in a blog posting on the Dropbox forum.
“While we haven't had any reports of unauthorized activity on Dropbox accounts, we've taken a number of precautionary steps and continue to work around the clock to make sure your information is safe. We'll continue to provide updates.”
Dropbox says it has not had any reports of unauthorized activity on any user accounts, and that it has taken a number of precautionary actions to deal with the matter.
The problem began on Monday, when Dropbox users in Europe began receiving spam at e-mail addresses associated with their Dropbox accounts, including addresses created exclusively for use with the Dropbox file storage service.
Of particular note is the fact that the e-mail spam, which advertises online casinos, is being sent to different countries in Europe and arrives in the user's native language, suggesting some coordination of the spam attacks.
The event has generated six pages of forum postings, with some users accusing Dropbox of having a security problem. Others, however, say the issue is likely the result of random 'spambots'.
"For one thing, it's not at all uncommon for spambots to randomly try addresses at various mail servers to see if they get a 'hit,'" one user wrote.
However, that scenario seems unlikely given Dropbox's announcement that it has brought in an outside team of experts to help with the investigation.
Other Dropbox forum users suggested that malware that steals names from address books or detects connections on Dropbox might be to blame for the spam attacks.
Until the company provides further updates, there's no way to know what is behind the flurry of spam messages, or if a possible breach has occurred.
At this point, the spam emails do not seem to have had any other impact beyond being a nuisance, although their mere existence has caused some to speculate about the possibility that Dropbox was actually hacked.
A Dropbox error one year ago left every single Dropbox account unsecured and accessible with any password for four hours. Given that Dropbox's business model depends on users trusting their data to the company, Dropbox has to be extra careful.
But in this case, it's not yet certain there has been a breach. Some Dropbox users posting on the support forum and Twitter report receiving no spam, and the problem may be isolated to a small percentage of users.
"It's also entirely possible for malware running on a computer that you've logged into Dropbox on to have captured your e-mail address through keyboard logging or even something like a browser cookie."
However, the user who started the thread said he configured his e-mail accounts to detect spambot activity.
"I've heard loads of stories about the spambots who randomly try addresses... but I have configured catch-all accounts and so if there were any spambots randomly trying out addresses, I should receive all tries, and not only one hit," the forum poster wrote.