Legal Technology News - E-Discovery and Compliance Blog

« Congrats to Craig Ball - 7th ASBPE | Main | iPad Doc Review App »

June 21, 2011

Dropbox Exposed Customer Data For Four Hours Yesterday

Security breach at Dropbox! The online file sharing service du jour disclosed that it accidentally made customer files accessible by using any password for four hours yesterday. The company played this down by saying that "much less than 1 percent" of users logged in during that period and that the bug was fixed five minutes after Dropbox discovered it.

Screen shot 2011-06-22 at 10.01.21 AM Problem is, Dropbox has 25 million customers. So a figure like "much less than 1 percent" -- even if it's only half of 1 percent -- is still 125,000 customers. Also, according to Dropbox, that five-minute fix didn't happen until the bug had been live for almost four hours.

How does a company's authentication system break for four hours, affecting tens or hundreds of thousands of customers, in the middle of the afternoon before the company realizes?

Attorneys would be well-advised to stop using Dropbox until the company improves its security policies and earns a track record of trust.


TrackBack URL for this entry:

Listed below are links to weblogs that reference Dropbox Exposed Customer Data For Four Hours Yesterday:


The comments to this entry are closed.

Sign Up for the E-Discovery and Compliance Newsletter

An Affiliate of the Network

From the Newswire

Sign up to receive Legal Blog Watch by email
View a Sample

Contact EDD Update

Subscribe to this blog's feed

RSS Feed: LTN Podcast

Monica Bay's Law Technology Now Podcasts are also available as an RSS feed.

Go to RSS Subscribe page

March 2013

Sun Mon Tue Wed Thu Fri Sat
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30

Blog Directory - Blogged