Dropbox finds no intrusions or unauthorized activity, continues investigation

Lately, some Dropbox users witnessed a sudden rise in spam, which was also seen by those who had created the affected email addresses only for the file storage service. Dropbox had begun investigating the reason behind the spurt in spam messages, and even hired experts to do so. Now, Graham A reveals through Dropbox forums that they’ve found no intrusions in their internal systems and no unauthorized activity in Dropbox accounts.

Double the storage...

Dropbox investigates hack possibility


The forum post said, “We wanted to give everyone another update on our investigation into the reports of spam. As of today, we’ve found no intrusions into our internal systems and no unauthorized activity in Dropbox accounts. We’ve reached out to users who’ve reported receiving spam messages and are closely investigating those reports. Security is our top priority and we’ll let you know if we uncover evidence that these email addresses came from Dropbox. Investigations like this can take time and we’re working hard to get to the bottom of this.”

Reports claim that spam is being sent to different countries in Europe but it arrives in the user’s native language. Thus, it appears to be a coordinated attack. Although the spam emails point to different domains, all of them advertise various casinos. Further, the domains have been created recently using Russian DNS servers and are registered at Bizcn.

With so many hacking incidents these days, there were speculations about Dropbox being hacked. Though Dropbox claims that they haven’t detected a breach, investigations are still on. Recently, Yahoo! had confirmed that data comprising of 400,000+ email ids and passwords was taken from their servers. In a detailed note, Yahoo! Had revealed that an "older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen on July 11."

Yahoo! went on to confirm that from the entire lot of e-mail ids and passwords compromised less than five percent had valid passwords. The company has assured in the note that it is fixing the loophole that led to the breach, while also changing the passwords of the affected accounts. They are also informing companies whose user accounts may have been affected by the breach. Yahoo! has also notified its users to change their passwords regularly, and also make themselves aware of online safety tips at security.yahoo.com.

Nvidia has also suspended the Nvidia forums in response to suspicious activity and had immediately begun an investigation. According to their investigation, some unauthorized third parties had gained access to some user information which includes username, email address, hashed passwords with random salt value and public-facing "About Me" profile information. Nvidia had confirmed the hack and also revealed that up to 400,000 of its user accounts were swiped by the hackers. These accounts belonged to users of the Nvidia Forum, Developer Zone, and Research Site, and the company has suspended all three.