Dropbox, the hugely popular digital locker service, has admitted to a security vulnerability with its service that led to some users receiving spam mail.
The firm is still investigating the issue but has released some details, their spokesperson said: "Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We've contacted these users and have helped them protect their accounts."
Unfortunately for Dropbox, one of its own employees was caught using the same password on his work account and another hacked provider. Dropbox says that it is this action that lead to users being spammed.
"A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam. We're sorry about this, and have put additional controls in place to help make sure it doesn't happen again," the spokesperson explains in a blog post.
"Keeping Dropbox secure is at the heart of what we do, and we're taking steps to improve the safety of your Dropbox even if your password is stolen."
Dropbox recommends using a different password for each web site you visit.
Return to internet news headlines
View Internet News Archive