Is Dropbox Safe?
Rumors of Dropbox being hacked have been reported. Dropbox services millions of users. Signing up is as easy as signing up for an email account. However, there have been a series of articles claiming 7 million user accounts and passwords compromised.
“Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.
Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on your account.”
Security breaches such as these create even more skepticism towards the public cloud. This breach is another reminder that even big name services do get hacked.
Dropbox is a great tool for consumers and business users to test the cloud waters. The foundation of Dropbox was originally developed as a consumer-grade service. It started with consumers signing up and uploading non-sensitive data―where confidentiality or privacy were of no concern in the cloud. Eventually businesses caught wind as an easy way to store or share their files on the cloud for free.
Since then cloud storage has evolved. Dropbox even created a Dropbox for Business division. Slick marketing eventually gained some degree of trust. According to Dropbox:
•Dropbox uses modern encryption methods to both transfer and store your data.
•Secure Sockets Layer (SSL) and AES-256 bit encryption.
•Dropbox applications and infrastructure are regularly tested for security vulnerabilities and hardened to enhance security and protect against attacks.
•Two-step verification is available for an extra layer of security at login. You can choose to receive security codes by text message or via any Time-Based One-Time Password (TOTP) apps, such as those listed here.
•Public files are only viewable by people who have a link to the file(s).
Let’s check out Microsoft’s long list of compliance standards here.
The answer is no. Dropbox only provides the bare minimum security requirements. This attack could prove to be false or one of many more to come. Business-grade backup and storage solutions are a must. As a solutions provider CyberStreams can help safeguard your information with routine status reports. We understand some industries require strict compliant certifications, look no further. To benefit we recommend a free consultation request. Contact us here.