Spam for Dropbox users raises speculations about breach
Posted on 18 July 2012.
European Dropbox users have been inundated with spam advertising gambling websites, prompting speculations about a possible breach of the company's systems.

The news spread on Dropbox' online forum, as many users who claim to have used a unique email address to subscribe to the cloud storage service say that they have been receiving several of the aforementioned emails, written in English, German and Dutch.

H Security speculates that the maybe the spammers simply tried to send emails to email addresses that can be easily guessed, such as dropbox@domain.tld, and got lucky with some of them. The theory seems to hold water, as many users who have not used unique email addresses have not received this spam.

On the other hand, how is it that only European users were targeted?

"I don't get it... does Dropbox segregate users from different countries? I'd imagine if this was a breach, everyone would be getting these spam mails, NOT JUST European(German mainly) users," commented one user.

As more and more users pipe up to share their experience with this spam run and offer different theories, Dropbox has not shared what it already knows - if anything.

A Dropbox employee stated on the forum that the company continues to investigate the situation and that apart from its own internal security team, Dropbox has also engaged a team of outside experts to look into the matter.

"While we haven’t had any reports of unauthorized activity on Dropbox accounts, we’ve taken a number of precautionary steps and continue to work around the clock to make sure your information is safe," he wrote, and added that a recent 20-minute site outage was "incidental and not caused by any external factor or third party."


More than a third of employees would sell company data

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Jul 31st