Dropbox administration announced that the cloud service became the victim of spammers who stole usernames and passwords of its users. As reported by CNet, starting mid-July Dropbox account holders have begun to complain about getting emails with advertising of casinos and gambling sites. Most of the complaints came from Germany, the Netherlands and the UK. Service management has responded to complaints and promised to solve the problem as soon as possible. Dropbox passwords stolen

Bunch Of Passwords Leaked From Dropbox

Following the audit, they've identified the theft of logins and passwords from the third-party sites from which a small number of users of Dropbox gets access to their accounts, - as mentioned in the message from Dropbox. They've caught up with those users and helped them protect their accounts. One of the stolen passwords was used to access Dropbox account where someone stored the document with the email addresses of users. So Dropbox staff believes that this is what led to the emergence of spam. Let me remind you that it's better to protect your iDevice with antivirus than to face the consequences of a malicious attack. Dropbox apologized and said they will implement an additional level of protection. New automatic two-factor authentification algorithms to help detecting suspicious activity added, and a new page that allows you to check the settings for the account created as well. Also in the near future be two-step authentication technology will appear - when the user will need to confirm their identity, not only with a password, but also additional data, for example, a verification code, which will be sent to your phone. The cases with the security breaks, either on iOS or Mac, begin to appear more frequently, especially this year. The nature of most of those security breaches tells the main problem of such intrusions is user's nonchalance as the people often grant third-party apps access to their personal data. Often even without acknowledging which type of data the app/service/program is going to collect (remember the info about users personal data access). It's like everyone does that so it's ok for me too.