Dropbox Spam Attack Blamed on Another Website's Breach

Wednesday, 1 Aug 2012 | 3:57 PM ET
Source: Dropbox.com

The cloud storage service Dropbox is blaming a recent spam attack on a stolen password from a breach on another website.

About two weeks ago Dropbox users began reporting spam messages sent to the email addresses they were using for their Dropbox account. After investigating the matter, the cloud storage company discovered that usernames and passwords stolen from another site has also been used to access some accounts.

"Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We’ve contacted these users and have helped them protect their accounts," Dropbox engineer Aditya Agarwal stated in a company blog post.

One of the stolen passwords was used to hack a Dropbox employee's account, which had a document with users' e-mail addresses, according to Agarwal's statements.

The company is taking further steps to prevent future attacks including an option for users to provide two forms of identification—such as a password and another temporary code—when signing in, automated systems to help track suspicious activity and a page that allows users to view all log-in activity.

Users may also be prompted to change their password, for instance, if the user has had the same password for a long time.

email: tech@cnbc.com


Contact Technology


    Get the best of CNBC in your inbox

    › Learn More
  • Matt Hunter is the senior technology editor at CNBC.com.

  • Cadie Thompson is a tech reporter for the Enterprise Team for CNBC.com.

  • Working from Los Angeles, Boorstin is CNBC's media and entertainment reporter and editor of CNBC.com's Media Money section.

  • Jon Fortt is an on-air editor. He covers the companies, start-ups, and trends that are driving innovation in the industry.

  • Lipton is CNBC's technology correspondent, working from CNBC's Silicon Valley bureau.

  • Mark is CNBC's Silicon Valley/San Francisco Bureau Chief covering technology and digital media.