One of the largest internet file-hosting services, Dropbox, has admitted it left all of its 25-million user accounts unlocked for four hours.
The blunder happened on Sunday, June 19, when Dropbox accidentally turned off its password security system.
It means anyone could access accounts by typing anything they wanted into the password box. Dropbox admits it was its own mistake and wasn't caused by hackers.
Dropbox says anyone who was logged in to any account when the flaw was discovered was kicked off and the security hole was fixed within minutes.We’re working around the clock to gather additional data and continue to review logs for potentially unauthorized activity. We aim to notify users who had login activity during the period within the next few hours.We are sorry for this and regardless of how many people were ultimately affected, any exposure at all is unacceptable to us. We will continue to provide regular updates.
You can follow IJSMblog on Twitter and Facebook
Comments