Spike in Dropbox spam raises security worries

European users report spam being sent to Dropbox email accounts

European Dropbox users have reported a sudden spike in spam received by email addresses associated with their accounts, raising fears that the service has suffered a security compromise.

On 17 July, users in Germany, The Netherlands and the UK started complaining on the Dropbox user forum that they were receiving emails from a number of Russian-registered domains including 'Euro Dice Exchange' pushing casino spam.

There has been no confirmation that the issue relates to Dropbox's security but the company said it was looking into the issue in a statement issued to a third-party news site.

"We're aware that some Dropbox users have been receiving spam to email addresses associated with their Dropbox accounts," read the statement.

"Our top priority is investigating this issue thoroughly and updating you as soon as we can. We know it's frustrating not to get an update with more details sooner, but please bear with us as our investigation continues."

In a presumably coincidental outage, the service was unavailable for around half an hour at 8pm BST on 18 July.

With a growing list of suspected account and password hacks having been reported in recent weeks, including Yahoo and Nvidia - paranoia is starting to reign. So far the possibility that Dropbox has been added to that list is no more than a suspicion.

In June, the Dropbox account of US presidential candidate Mitt Romney was reported to have been hacked (through no fault of the company itself); in 2011 the company was embroiled in a controversy with security researcher Christopher Soghoian, who claimed that while the company employed file encryption this could be unlocked by employees.

Later in 2011, Soghoian publicised a separate issue that had for a period of time allowed some Dropbox users to log into any account using any password.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

More videos

Blog Posts