Dropbox, the cloud storage application company, has admitted it caused a major security blunder for a few hours. Dropbox allowed anyone to log in as anyone on cloud, which potentially exposed millions of account holders and their documents. The problem arose early Monday morning when the Dropbox software team updated its code, which removed authentication by the user. Instead of this error being signaled as an outright hack, Dropbox more or less shot itself in the foot by keeping the door unlocked and letting all and sundry enter!
The blunder made by Dropbox allowed anyone to log into another person’s account without having their passwords. Dropbox is not alone in this kind of mistake. Facebook made a similar mistake last year which lead to Mark Zuckerberg’s fan page being hacked. The no authentication mode was in place for several hours before Dropbox even realized what had taken place. As soon as they did, however, they fixed the problem within five minutes.

The backlash, however, was strong. The fact users’ personal data and documents were available for the entire world to see, even if only temporarily, was a serious blow to the company’s morale. Dropbox claimed that not more than 1% of their users were subjected to this blunder and had logged in during this unauthenticated period. Dropbox took a precaution and forced users to log out and log back in again. This would have kicked the hackers and scammers out of accounts they had no business being in anyway! The company is launching a through investigation to identify if Dropbox accounts were inappropriately accessed. In any instance where they find suspicious activity the user will be notified immediately. Users were also requested to report any unusual activity in their account to the Dropbox support team.

The software team worked until early hours of the morning to analyze the activity in the unusual accounts and the respective users were emailed a detailed report. Dropbox apologized for this blunder, admitting it was an unacceptable mistake. They also ensured that such an incident will never happen again by promising to look at its controls and place new safeguards.

Dropbox is popular because it can get around many restrictions companies place on emailing large files. For instance, if you want to send a large file, such as a video or graphic file, to someone in your organization, but cannot do so due to restrictions on email attachment sizes, Dropbox will let you upload the file and share it with your colleagues via a web link. This theory is similar to saving a file on a USB device and allowing your colleague to download it.

Security on the internet is becoming a concern around the world after several hack groups like Lulzsec and Anonymous made a series of hack attacks. This embarrassing blunder from Dropbox goes to show how easy it is to put one’s personal data at risk. Some serious questions were raised as a result of this blunder about the trustworthiness of Cloud storage devices and if it is really able to keep documents safe.

Author's Bio: 

At Advisory Journal we love gadgets! We love computers, smartphones, games, apps - the works! So if you want all the latest news on the coolest electronic gizmos, the latest websites, social networks and software, plus crucial updates and warnings on viruses, vulnerabilities and other internet and system security topics, you won't want to miss Advisory Journal's technology news column.