Online storage service Dropbox accidentally turned off password assay-mark for its 25 million users for four hours on Monday — although “ much less than 1 percentage ” of those accounts were access during the stop , the company said . It is still inquire whether any of those accounts were improperly accessed .
Dropbox CTO Arash Ferdowsiwrotethat the fellowship introduce a codification variety at 1:54 p.m. PST that caused a problem in the hallmark mechanism . About four hours later , the job was discovered , and Dropbox killed all of the session of those who were enter at the time—“much less ” than 1 percentage of its substance abuser , Ferdowsi compose .
A fix was introduced at 5:46 p.m. PST , he said .
“ We ’re conducting a thorough probe of related activity to understand whether any account were improperly accessed , ” Ferdowsi publish . “ This should never have happen . We are scrutinizing our controls , and we will be follow up additional safeguards to forbid this from happening again . ”
The company later say it had advise all those who were enter at the time of the error and require them to go over details of activity on their account . Those concerned can also query Dropbox at “ support@dropbox.com . ”
The issue was noticed by some user . Christopher Soghoian , a University of Indiana doctorial prospect and surety investigator , post atip - offfrom an unidentified source to the website Pastebin .
In May , Soghoian wrote acomplaint missive to the FTC , alleging that the society has deceived consumers about the level of encoding security it offers . Dropbox said the ill was without merit .
Several Dropbox users were disconcert by Monday ’s hallmark problem , while others brushed it off .
“ Every single Dropbox client should be getting an e - mail powerful now about this — not hearing about it from other sources or from a seemingly calm - toned web log post , ” indite a substance abuser pass by the name of Tony Webster . “ Dropbox has n’t even tweeted about this a full 24 hours after it encounter . I know I would wish revelation of every single activity happening on my Dropbox account during the four hr anybody could access it , and I need that info immediately . ”
But an anonymous bill sticker wrote , “ What kind of awesome cancer / AIDS curing enquiry have you stored on your Dropbox account ? Mistakes happen and they sterilize it . At least they told you about it . How many other companies do that ? ”
