Dropbox denies claims of a security breach, blames downtime on ‘internal maintenance’ issue (update: DDoS attack, no security breach)

Screenshot 2014-01-10 21.48.01

Update 2: The attackers have admitted that the attack was a simple DDoS and that the database was not compromised. The leaked information was apparently fake.

Dropbox has gone offline due to what some are claiming is a breach of the company’s website. The company claims that the outage was caused by an issue that arose during routine maintenance.

We are aware of an issue currently affecting the Dropbox site. We have identified the cause, which was the result of an issue that arose during routine internal maintenance, and are working to fix this as soon as possible. We apologize for any inconvenience.

Hackers have claimed credit for the attack on Twitter, saying that action is being taken in honor of the one-year anniversary of the death of Aaron Swartz. They have also claimed that unless the issue is fixed quickly, they plan to release the site’s user database to the public. Dropbox has officially denied these claims.

[tweet https://twitter.com/1775Sec/status/421820685766250496 align=’center’]

Update: The group responsible for the breach has released what they claim is a small part of the user database online as proof that they have compromised the site.

[tweet https://twitter.com/1775Sec/status/421842856748126208 align=’center’]

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

  1. Yep, paritial leaks will get you every time.

  2. Shaun G - 9 years ago

    Anyone who thinks that leaving their data in the cloud is 100% safe is frankly living in cloud cuckoo land IMO. If the NSA don’t get you, the hackers will. I only ever store important documents on a USB memory stick which I never use whilst online and never leave plugged into my computer. Plug > Copy > Eject. The memory stick is password protected and it goes where I go.

    • OneOkami (@OneOkami) - 9 years ago

      Nothing that graces an external network (e.g. the internet) is 100% safe. And the fact is all of us who haven’t lived in a bubble since the moment we were born already have a great amount of personal information out there. Did you ever enroll in a school? Do you have a bank account? Work a legitimate job? File your taxes? Have a line of credit? Mortgage or rent any kind of home? Have any sort of registered identity? Well then there’s a whole lot information about you that a lot of people you don’t even know exist have access to. That’s just reality. Now I don’t blame people who make efforts to minimize this (personally I guess i’m just not that paranoid about it, I know my stuff is already out there at the mercy of someone else’s security), but don’t think you are ever 100% safe short of 100% disconnecting your life from the outside world.

  3. sardonick - 9 years ago

    Stupid punks are everywhere. Always have been, always will be. Until stronger punishments are levied out, and until they can actually be physically caught, it’s never going away. Security is up to the users. Luckily, this was just punks trying to get hits.

  4. rob nienburg (@robogobo) - 9 years ago

    It may be a coincidence but yesterday at about the time of the takedown Dropbox on my Mac asked for authorization to change permissions on my home folder. I said no (hell no) but it resulted in my whole home directory being taken offline (I have it on a separate hdd from the system which is on ssd). I had to go through the zap PRAM, nvram, fsck, repair disk, repair permissions, re-bless partition dance to get it back up and running.

    Not sure if someone was trying to gain root permissions through Dropbox or if the outage just gave the machine vertigo. Glad I said no though. Also, glad I don’t store sensitive material in the cloud.

  5. I switched to Copy ( https://copy.com/?r=8bcsQC ) a while back and haven’t regretted the move yet. Copy is run by Barracuda Networks, not a small startup. I grew tired of these “issues” with Dropbox, as well as the slow syncing. As a bonus, I’m now up to 350+GB of free storage with Copy. Use the link and you get an extra 5GB to start – another big plus over Dropbox.

    • kenhacker - 9 years ago

      Well, Barracuda are not a small startup company however they are famous for their security vulnerabilities. As a hacker/developer and seen some scary things with “big” companies, like Barracuda that you mention, I would NEVER but one of their blue boxes on our network where I work. I’ve seen BIG security issues with Barracuda, Watchguard, Symantec, etc… No stick to companies that do mostly open source and well documented source code, architecture and design. Big companies mostly just rip you of with bunch of pr/marketing bs. Not to mention they usually don’t update their products, just look at Barracuda and Ironport, it’s a joke.

      /Ken

  6. jetpacktamazirte - 9 years ago

    For sharing data and for syncing PC’s I use https://copy.com?r=GFVLdv very often.
    If You use my referral You will get 20GB : https://copy.com?r=GFVLdv
    Thank You