Dropbox Investigating Spam Campaign and Possible BreachWritten by Sue Walsh on July 19, 2012
The complaints started coming in on Tuesday from users who said their inboxes were being flooded with spam that was advertising online gambling sites. The users say the accounts being spammed are ones linked to their Dropbox accounts and with so many complaints, Dropbox called in outside investigators to help track down the culprit. The flood of spam is so severe some users reported getting as much as one spam message a minute. Dropbox stated:
“We know it’s frustrating not to get an update with more details sooner, but please bear with us as our investigation continues.”
Some users speculated on the company’s forums that perhaps the spam is the result of an as of yet undetected data breach. If this is the case it would be a PR nightmare for Dropbox, which prides itself on keeping its user’s data secure. The site holds a massive amount of data from photos to personal documents. It seems they are worried enough about a possible compromise to have brought in the big guns. So far they haven’t found any evidence of unauthorized activity
I am an avid Dropbox user and hope a more benign explanation is found. Again, please note that at this point this issue is only affecting European users.
Do you think cloud storage services are inherently unsafe? Will the cloud be the next big target for cybercriminals? Why so or why not?