Dropbox- 25 Million Accounts Left Unprotected
We’ve covered Dropbox a number of times, from the critical flaw discovered to Dropbox employees having access to your files, there’s no question that Dropbox is a bit of a sketchy place to trust cloud storage.
Well, it seems like the cloud-storage system continues to have major security issues. Dropbox “accidentally” turned off password authentication for 25 million users for four hours on Monday evening. Of the unprotected accounts, about 100,000 were accessed, or less than 1% of total affected accounts.
The CTO of Dropbox claimed that the company had introduced a new code change and hadn’t discovered the problem till about four hours after implementation, at which point they killed all logged-in sessions.
The company is conducting an investigation on whether any accounts were improperly accessed but if a hacker knew what he or she was doing, I am sure they could have eavesdropped on a number of people and leave the virtual crime scene, undetected.
While some are clearly angry about the code fumble, others defend Dropbox for alerting its customers within 24 hours of discovery, something that wasn’t done for the massive Sony hack.