After gaining so much popularity finally Dropbox got hacked. The company confirms that there was indeed a break-in and that a “small number” of account names and passwords have been stolen. This news came after several hundred users reported that spam is being getting delivered to their email addresses which are associated with Dropbox, this thusly meaning that the Dropbox forums and/or larger database had been broken into. Now Dropbox is confirming the attack and is making sure tha it will never happen again in future.
Dropbox officials have written that “they’ve found that it was not their own site, but a collection of third party sites that are to blame for poor security. When a set of users, seemingly unrelated to one another had their account names and numbers lifted and applied to Dropbox. That’s just step one the next step was that one of these accounts belonged to “an employee Dropbox account containing a project document with user email addresses.”
A note from Dropbox states that they believe it was this employee account’s document that listed all of the rest of the accounts and passwords that were attacked with spam. This type of attack doesn’t necessarily mean Dropbox’s security is to blame, but rather speaks to the fact that there may very well be some less than genius level employees amongst their ranks. The majority of the people affected by this incident appear at the moment to be coming from Germany, Holland, and the UK.
Dropbox is taking additional steps to strengthen their security and have assured users that they’ll now be using Two-factor authentication, “such as your password and a temporary code sent to your phone”, coming in the next few weeks. They’ve also assured a new set of automated mechanisms as well as a new page that’ll allow you to examine all of the logins your account has experienced. Be sure to change your password soon.