Dropbox Leaves Doors Unlocked
Dropbox warned customers of its cloud-based storage service that some accounts were exposed for several hours on Sunday. The accounts were accessible to anyone without the correct password.
The company said fewer than 1 percent of all accounts were exposed during a four-hour period. The exposure was the result of a code update to the software authentication mechanism of the service, in which a bug was introduced.
"This should never have happened," said Dropbox CTO Arash Ferdowsi in a blog post. "We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again."
The company is investigating whether accounts were improperly accessed, and account owners will be notified if there was unusual activity, Ferdowsi noted.
Posted by Jeffrey Schwartz on June 22, 2011 at 11:58 AM