Popular cloud storage service provider, Dropbox has acknowledged that the security of some of its users' accounts was compromised. The users were getting spam emails from hackers who managed to get their hands on the account details of the users of these compromised accounts.
The matter was escalated when some of the Dropbox users started receiving spam mails on their email accounts associated with their Dropbox account. The cloud storage service provider, however, took some time to find pout the root cause of the issue and has tried to fix it by helping the users improve their accounts' security.
Dropbox has apologised to the users about the security breach through a blog post on their official blog saying, "Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We've contacted these users and have helped them protect their accounts."
The reason for the breach in security is not due to the lack of security in the Dropbox software but at the company's end. "A stolen password was also used to access an employee's Dropbox account containing a project document with users' email addresses. We believe this improper access is what led to the spam. We're sorry about this, and have put additional controls in place to help make sure it doesn't happen again," the cloud storage service provider added.
Dropbox has decided to upgrade their security and will be employing newer measures to make sure that nothing of this sort happens to the users in future.
Dropbox in the coming few weeks will be employing a two-factor authentication process. Users will require two proofs of identity such as their password and a temporary code sent to their phone when signing in. This will remain as an optional thing for users who want to have such a feature.
Secondly, Dropbox will be having a new page that will let users examine all active logins to your account, thereby informing them about any suspicious activity happening with their account.