{"id":5399,"date":"2012-08-02T10:21:01","date_gmt":"2012-08-02T17:21:01","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=5399"},"modified":"2023-08-18T09:05:02","modified_gmt":"2023-08-18T16:05:02","slug":"latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/","title":{"rendered":"Latest Dropbox Security Snafu Reminds Us Websites Aren&#8217;t Bulletproof"},"content":{"rendered":"<p>Earlier this month, <a href=\"https:\/\/www.computerworld.com\/article\/2724292\/dropbox-says-no-evidence-of-hack-in-investigation-of-spam.html\">Dropbox was investigating an issue<\/a> where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like <a href=\"https:\/\/blog.dropbox.com\/topics\/company\/security-update-new-features\">their story is changing<\/a>.<\/p>\n<p>Presently the explanation is that there were a number of Dropbox accounts that were hacked due to usernames and passwords being reused from another site that was breached. One of those accounts was from an employee that was storing a document that contained email addresses of Dropbox users.<\/p>\n<p>People seem to think security issues won\u2019t happen to them because they\u2019re too unimportant to be targeted. But it\u2019s unlikely that this employee was a high level manager \u2013 it was probably someone in the trenches who deals directly with customers. And yet the information stolen from this employee has led to a big PR headache for Dropbox that has required them to make some big and expensive changes to their security policy. Not that the changes weren\u2019t called for in the first place \u2013 but it has forced their hand, and expedited action is never cheap.<\/p>\n<p>None of us is too unimportant to bother with security. We all need to guard our information, especially if we\u2019re putting it in the Cloud. It\u2019s irrelevant whether you think the data is valuable; the odds are that someone else can find a way to make a buck off it. So here\u2019s your security moral for the day:<\/p>\n<ul>\n<li><a href=\"https:\/\/www.intego.com\/mac-security-blog\/4-types-of-passwords-you-shouldnt-create-unless-you-want-your-account-hacked\/\"><strong>Do not<\/strong> reuse usernames and passwords<\/a> for different websites. Seriously.<\/li>\n<li>Change your passwords on sites periodically.<\/li>\n<li>Use two-factor authentication if it\u2019s offered.<\/li>\n<li>If you\u2019re going to post data in the cloud, encrypt it or password-protect it.<\/li>\n<\/ul>\n<p>In short: Assume that the website\u2019s security is not bulletproof. Act accordingly. If you keep that in mind, you can save yourself a lot of headaches when situations like this come to light.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.<\/p>\n","protected":false},"author":6,"featured_media":5189,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[48],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Latest Dropbox Security Snafu Reminds Us Websites Aren&#039;t Bulletproof - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2012-08-02T17:21:01+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-18T16:05:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png\" \/>\n\t<meta property=\"og:image:width\" content=\"140\" \/>\n\t<meta property=\"og:image:height\" content=\"140\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lysa Myers\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png\",\"width\":\"140\",\"height\":\"140\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/\",\"name\":\"Latest Dropbox Security Snafu Reminds Us Websites Aren't Bulletproof - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#primaryimage\"},\"datePublished\":\"2012-08-02T17:21:01+00:00\",\"dateModified\":\"2023-08-18T16:05:02+00:00\",\"description\":\"Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Latest Dropbox Security Snafu Reminds Us Websites Aren&#8217;t Bulletproof\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\"},\"headline\":\"Latest Dropbox Security Snafu Reminds Us Websites Aren&#8217;t Bulletproof\",\"datePublished\":\"2012-08-02T17:21:01+00:00\",\"dateModified\":\"2023-08-18T16:05:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#webpage\"},\"wordCount\":335,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png\",\"keywords\":[\"Dropbox\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\",\"name\":\"Lysa Myers\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"caption\":\"Lysa Myers\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/","og_locale":"en_US","og_type":"article","og_title":"Latest Dropbox Security Snafu Reminds Us Websites Aren't Bulletproof - The Mac Security Blog","og_description":"Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.","og_url":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/","og_site_name":"The Mac Security Blog","article_published_time":"2012-08-02T17:21:01+00:00","article_modified_time":"2023-08-18T16:05:02+00:00","og_image":[{"width":"140","height":"140","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Lysa Myers","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png","width":"140","height":"140"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/","name":"Latest Dropbox Security Snafu Reminds Us Websites Aren't Bulletproof - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#primaryimage"},"datePublished":"2012-08-02T17:21:01+00:00","dateModified":"2023-08-18T16:05:02+00:00","description":"Earlier this month, Dropbox was investigating an issue where users were receiving spam at email addresses they only used for Dropbox. Initially they had said that there was no sign that this was due to a breach, but now it looks like their story is changing.","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Latest Dropbox Security Snafu Reminds Us Websites Aren&#8217;t Bulletproof"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a"},"headline":"Latest Dropbox Security Snafu Reminds Us Websites Aren&#8217;t Bulletproof","datePublished":"2012-08-02T17:21:01+00:00","dateModified":"2023-08-18T16:05:02+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#webpage"},"wordCount":335,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png","keywords":["Dropbox"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/latest-dropbox-security-snafu-reminds-us-websites-arent-bullet-proof\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a","name":"Lysa Myers","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","caption":"Lysa Myers"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2012\/07\/dropbox.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-1p5","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/5399"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=5399"}],"version-history":[{"count":7,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/5399\/revisions"}],"predecessor-version":[{"id":98661,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/5399\/revisions\/98661"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/5189"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=5399"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=5399"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=5399"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}