When a few hundred Dropbox users began receiving spam emails about online casinos and gambling sites two weeks ago, it seemed like something was up. And indeed there was.
The online file storage service confirmed today that hackers accessed usernames and passwords from third party sites and then used them to get into Dropbox users’ accounts.
“Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We’ve contacted these users and have helped them protect their accounts,” the company wrote in a blog post today. “A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam.” (Read More)