All Eyes on Dropbox Following Latest Security Lapse

by www.dropbox.com/features screenshot

Dropbox is definitely one of the cloud-computing providers of choice, and a rising star among the new breed of online mega corporations. However, if they are not a lot more careful about their security levels, they just might see their growing horde of fans and users disappearing in the blink of an eye.

The first claim that their system might not be as secure as they say it is came in the form of a lawsuit that remains ongoing. The basis of that case is that while Dropbox leads clients to believe that they, and the people they share with, are the only people with unencrypted access to their information, there is actually a window during which employees of Dropbox, or even other people, may be able to access it.

It may not be their first security lapse, but the latest one, where passwords were not required, will probably be viewed as very serious, particularly by companies and organisations that store and share confidential and sensitive information on their service.

What Actually Happened?

According to statements from Dropbox, the real story behind the security lapse is that they were in the process of upgrading their platform code. During the upgrade, code with a flaw that allowed users to gain access to accounts using incorrect passwords was introduced, and that left all users of the system’s accounts vulnerable for several hours last week.

What Was the Response?

To their credit, as soon as Dropbox execs realised what was happening on the platform, they terminated all active sessions, and set about patching the flaw. They also did not deny that the breach occurred, and they have issued statements that they are introducing additional security measures, to ensure that this sort of breach cannot happen again.

How Will You Know If You Were Affected?

Another point in Dropbox’s favor is that they have actively started to review all their own logs from the time period that the flawed code was in place, and they are personally notifying customers and users who might have been affected by the glitch.

The truth is, however, that Dropbox is still a great service, and that even services that claim to be unhackable can only do so because no one has managed yet. You should still exercise caution when you store any information online or off, but you have to give the company some credit, if only for their prompt admission of the problem, and their action to fix it.

Author: taylor


»