PREVIOUS ARTICLENEXT ARTICLE
NEWS
Dropbox accounts compromised in security breach
By Ryan Noik 1 August 2012 | Categories: newsDropbox users, be warned: the company has confirmed that several Dropbox accounts were compromised after a stolen password was used to access a Dropbox employee’s account.
In that account was a document containing a list of users’ email addresses.
According to the company’s blog, sirens began going off two weeks ago when users alerted it to an influx of spam, which seemed to only be affecting email addresses that were associated with their Dropbox accounts.
An investigation then found that usernames and passwords stolen from other websites were used to sign into “a small number” of Dropbox accounts. The company believes that this then also led to the spam experienced by some of its users.
Security measures ahead
Along with apologising, the company detailed how it intends to secure Dropbox moving forward. This will include the implementation of ‘two-factor authentication’, which would optionally require users to enter two proofs of identity when signing into their Dropbox, such as one’s usual password and a temporary code that is sent to a user’s mobile phone.
Additionally, the company will apparently implement a new page, which would enable users to view all active logins to their Dropbox account, and “new automated mechanisms to help identify suspicious activity,” about which little has been disclosed at this point.
To the point
It is a refrain we have heard often, but Dropbox has, quite pertinently, repeated it in the wake of the security breach.
“We strongly recommend you improve your online safety by setting a unique password for each website you use,” the company advised. It noted that, while it may be easy to reuse the same password on different websites, this means if any one site is compromised, all one’s accounts become at risk.
The company also commented that it may require some users to change their passwords as well.
Our advise: don’t even think about using ‘12345’ or ‘password’ as your password of choice, and if it already is one of those easy to guess (and break) options, change it immediately.
USER COMMENTS
Most Read Articles
Read
Magazine Online
TechSmart.co.za is South Africa's leading magazine for tech product reviews, tech news, videos, tech specs and gadgets.
Start reading now >
Download latest issue
Have Your Say
What new tech or developments are you most anticipating this year?
New smartphone announcements (44 votes)
Technological breakthroughs (28 votes)
Launch of new consoles, or notebooks (14 votes)
Innovative Artificial Intelligence solutions (28 votes)
Biotechnology or medical advancements (22 votes)
Better business applications (132 votes)