Cloud file hosting site Dropbox is experiencing problems this week after many users complained that their accounts had been hacked by a spammers, leading to reports speculating that Dropbox’s address database had been hacked. And now that Dropbox have admitted that they’ve brought in “an outside team of experts” to assist their own security team, it looks as though there may be some truth to the rumours.
The spam messages themselves were predominantly related to European casino scams, with many of the reports coming from Dropbox users in Germany, the UK and the Netherlands. At this stage the problems only seem to be an annoyance rather than loss or theft of data. Ordinarily it could be argued that the affected users were just unfortunate enough to be victims of random spambots that had guessed their emails addresses, some sort of malware on their PC, or perhaps a compromised third-party application.
However, many of the users who complained had set up unique and private email addresses that they used for Dropbox exclusively. If these reports are correct, the likelihood is that this attack is related to an address book leak, which indicates a successful hack against Dropbox. So with Dropbox’s admission that they’re bringing in outside help to deal with an investigation, all signs are pointing to the theory that the collaborative cloud storage has been the victim of a targeted attack.
Do you use Dropbox and have you noticed any evidence that your email address may have been compromised as a result of this alleged hack? Please let us know in the comments section.