Articles Comments

ちからの備忘録的日記 » cloud » Dropbox でセキュリティ事故:不具合でだれでもログイン可能に

Dropbox でセキュリティ事故:不具合でだれでもログイン可能に

日本ではあまり大きな話になっていなかったのですが、Dropbox で結構やばい不具合発生していました。

Hi Dropboxers,
Yesterday we made a code update at 1:54pm Pacific time that introduced a bug affecting our authentication mechanism. We discovered this at 5:41pm and a fix was live at 5:46pm. A very small number of users (much less than 1 percent) logged in during that period, some of whom could have logged into an account without the correct password. As a precaution, we ended all logged in sessions.

We’re conducting a thorough investigation of related activity to understand whether any accounts were improperly accessed. If we identify any specific instances of unusual activity, we’ll immediately notify the account owner. If you’re concerned about any activity that has occurred in your account, you can contact us at

This should never have happened. We are scrutinizing our controls and we will be implementing additional safeguards to prevent this from happening again.


[Update – 10:46pm] – We’re working around the clock to gather additional data and continue to review logs for potentially unauthorized activity. We aim to notify users who had login activity during the period within the next few hours.

We are sorry for this and regardless of how many people were ultimately affected, any exposure at all is unacceptable to us. We will continue to provide regular updates.

[Update – 2:49am] – At this point, the accounts that logged in during the period have been emailed with additional activity-related details for review. If you have any questions or concerns, please contact us at

Yesterday’s Authentication Bug – The Dropbox Blog



うむー、Dropbox に限らず外部保管する際は、さらにパスワードをかけるとかした方がいいですなぁ。


» Yesterday’s Authentication Bug – The Dropbox Blog

» TrueCryptでDropboxのデータを暗号化して利用する –

Related Posts Plugin for WordPress, Blogger...

Filed under: cloud · Tags:

Leave a Reply