Cloud storage provider Dropbox is in the process of investigating a potential security breach after its users complained of receiving spam earlier this week.
Dropbox says it hired an outside firm on Tuesday night after many of its users complained that spam was being sent to their email addresses, many of which were used specifically for Dropbox, a report by RedOrbit says.
So far, Dropbox says it has not had any reports of unauthorized activity on any user accounts, but it is investigating the spam as a precautionary measure.
Dropbox addressed user concerns in a forum post, but has not released any official press material or a blog post at this time. This is a strange strategy for communicating security issues for a company that has more than 50 million users.
The lack of support and security of Dropbox may give hosts an opportunity to sell cloud storage by leveraging both areas of expertise. Cloud providers like OnApp have released storage solutions for web hosts to offer end-users.
This incident also makes it clear that perhaps businesses shouldn’t be using services like Dropbox for corporate file sharing, as the security is not necessarily in place to protect this class of information. Solutions like Dropbox have seen increasing popularity since without management of BYOD, employees look for solutions on their own for cloud storage.
“The silence from Dropbox on this matter is worrying. If there is its security team plus that of an outside company working on it and so far nothing has been found than either their logs are not very detailed, the data was stolen from within or they sold the list on,” Gary P. posts in the forum thread. “There are no other options here, would someone please work out the chances of 5 email addresses all with random non dictionary words all being hit on the same day in the same email as cc recipients but no other random emails have been tried.”
Many of the users on the forum complaining of spam seem to be from Germany. According to recent research by German email security provider eleven, Germany is one of the top ten spam origin countries.
According to eWeek, some of the messages are masquerading as emails from European gambling sites. eleven says casino spam accounted for 14.4 percent of spam last year.
Talk back: Do your customers use Dropbox? Do you encourage business customers to use something more secure? Let us know in a comment.