Dropbox Hires Outside Security Detectives to Investigate Spam in Private Storage Accounts
Spam isn't supposed to get into private storage services; ostensibly, only subscribed users have access to their accounts.Cloud storage provider Dropbox believes its service suffered a security breach after some users discovered July 17 that they had been targets of spam emails sent to accounts used solely for the cloud file storage service. Spam isn't supposed to get into private storage services; ostensibly, only subscribed users have access to their accounts.
As a result, on July 19 Dropbox revealed that it has hired some outside security experts to help with its own investigation.
Dropbox said that most of the users who complained are from Europe and at least some of the spam messages are scams masquerading as messages from European gambling sites. "The data center is being transformed at a rapid pace--cloud, virtualization, converged infrastructure, BYOD and mobile are all big shifts being driven by ROI, cost savings and productivity business goals," said HyTrust President and founder and cloud security expert Eric Chiu. "However, at the same time, many of the other core elements such as security and compliance tools as well as processes have not changed to meet this new environment." Dropbox is an example of a consumer-type application that has infiltrated the enterprise, which can have serious security consequences, since employees often hold confidential corporate data without any enterprise security controls, Chiu said. "With external and internal breaches happening daily, this is a perfect formula for major disasters to happen. The need for consistent configuration, and controls for access, management and visibility is critical," Chiu said.