Spike in Dropbox spam raises security worries
European users report spam being sent to Dropbox email accounts
European Dropbox users have reported a sudden spike in spam received by email addresses associated with their accounts, raising fears that the service has suffered a security compromise.
On 17 July, users in Germany, The Netherlands and the UK started complaining on the Dropbox user forum that they were receiving emails from a number of Russian-registered domains including 'Euro Dice Exchange' pushing casino spam.
There has been no confirmation that the issue relates to Dropbox's security but the company said it was looking into the issue in a statement issued to a third-party news site.
Related Articles on Techworld
“We‘re aware that some Dropbox users have been receiving spam to email addresses associated with their Dropbox accounts,” read the statement.
“Our top priority is investigating this issue thoroughly and updating you as soon as we can. We know it's frustrating not to get an update with more details sooner, but please bear with us as our investigation continues.”
In a presumably coincidental outage, the service was unavailable for around half an hour at 8pm BST on 18 July.
With a growing list of suspected account and password hacks having been reported in recent weeks, including yahoo and Nvidia - paranoia is starting to reign. So far the possibility that Dropbox has been added to that list is no more than a suspicion.
In June, the Dropbox account of US presidential candidate Mitt Romney was reported to have been hacked (through no fault of the company itself); in 2011 the company was embroiled in a controversy with security researcher Christopher Soghoian, who claimed that while the company employed file encryption this could be unlocked by employees.
Later in 2011, Soghoian publicised a separate issue that had for a period of time allowed some Dropbox users to log into any account using any password.