Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Dropbox Continues Breach Investigation

Dropbox Still Investigating Possible Breach – Nothing Conclusive As of Yet

Dropbox, a widely popular cloud storage platform, is still investing a possible breach after users in the U.K. and the EU started receiving spam messages on accounts used exclusively for the service. The most recent update from the company asks for more time, and notes that they have found nothing yet.

Dropbox Still Investigating Possible Breach – Nothing Conclusive As of Yet

Dropbox, a widely popular cloud storage platform, is still investing a possible breach after users in the U.K. and the EU started receiving spam messages on accounts used exclusively for the service. The most recent update from the company asks for more time, and notes that they have found nothing yet.

Last week, Dropbox told users that they were investigating a possible breach after hearing from dozens of customers, adding that they “brought in a team of outside experts to make sure we leave no stone unturned.”

“While we haven’t had any reports of unauthorized activity on Dropbox accounts, we’ve taken a number of precautionary steps and continue to work around the clock to make sure your information is safe. We’ll continue to provide updates,” the Dropbox staffer added.

As the days ticked by, users in the U.K. and EU regions started seeing more and more spam promoting EU Dice, Euro Gaming Palace, Premier Players Club, Vegas Virtual, SP Casino, and Best2day Support. The fact that a majority of them use dedicated Dropbox accounts led to calls of a breach.

Despite outside help, Dropbox hasn’t discovered the cause of the localized spam, nor have they ruled out a breach.

“As of today, we’ve found no intrusions into our internal systems and no unauthorized activity in Dropbox accounts. We’ve reached out to users who’ve reported receiving spam messages and are closely investigating those reports…Investigations like this can take time and we’re working hard to get to the bottom of this,” a message posted to the Dropbox forum says.  

In the meantime, tensions on the Dropbox forums are running a little high, the more this drags out. Moderators are getting testy with those who complain about the lack of more detailed information, and regular users are in a constant state of debate over the likely cause of the issues.

Advertisement. Scroll to continue reading.

We’ll update this story as additional developments emerge.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Compliance

The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Data Protection

While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.