or Connect
AppleInsider › Forums › General › General Discussion › Dropbox Denies hacker breach responsible for hours long outage
New Posts  All Forums:Forum Nav:

Dropbox Denies hacker breach responsible for hours long outage

post #1 of 29
Thread Starter 
Popular cloud storage service Dropbox went down Friday night for at least two hours due to what the company claims was an issue pertaining to internal maintenance, though one hacker group alleges to have caused the outage with a DDoS attack.

Dropbox


Shortly after users reported the outage at around 6 p.m. PST, a hacker group identifying themselves as The 1775 Sec tweeted that it had successfully compromised the Dropbox database. The post also linked to a supposed cache of user data uploaded to website Pastebin.com.

During the downtime, Dropbox users attempting to access the service through its web portal were automatically directed to a system status page displaying the image above. As of this writing, the webpage has been changed to reflect that "Dropbox is under maintenance" and attempts to log in are met with an Error (500) message.

When contacted by multiple media outlets, Dropbox maintained the leaked data claim was a hoax, a fact later confirmed by subsequent tweets from The 1775 Sec. The supposed hacker group later said it had used bots to carry out a distributed denial of service attack in honor of Internet prodigy and political activist Aaron Swartz, who committed suicide on Jan. 11, 2013.

At the time of his death, Swartz was facing charges for allegedly stealing over 1,000 academic journals from JSTOR through a Massachusetts Institute of Technology network. He supposedly planned to make the documents freely available to the public.

January 11, 2014


In an update to Dropbox's tech blog a around 8:30 p.m., the company announced the service was back online and once again refuted claims of leaked user data. An identical message was posted to Twitter at around the same time.
post #2 of 29
DDoS isn't a breach, it's just an automated flood of requests designed to overload a site.
No data will have been taken. No proficient hacking team use DDoS attacks, these are just used by script kiddies who think it makes them hackers.
post #3 of 29
Duplicate post.
post #4 of 29
Quote:
Originally Posted by Evilution View Post

Duplicate post.

 

DDoS post ? :D 


Edited by ArnaudNe - 1/11/14 at 5:22am
post #5 of 29
It may be a coincidence but yesterday at about the time of the takedown Dropbox on my Mac asked for authorization to change permissions on my home folder. I said no (hell no) but it resulted in my whole home directory being taken offline (I have it on a separate hdd from the system which is on ssd). I had to go through the zap PRAM, nvram, fsck, repair disk, repair permissions, re-bless partition dance to get it back up and running.

Not sure if someone was trying to gain root permissions through Dropbox or if the outage just gave the machine vertigo. Glad I said no though. Also, glad I don't store sensitive material in the cloud.
post #6 of 29
Of course it wasn't hacked. That would be lame, already happened 3 times or so, not very original to do anymore
http://www.zdnet.com/dropbox-gets-hacked-again-7000001928/
I’d rather have a better product than a better price.
Reply
I’d rather have a better product than a better price.
Reply
post #7 of 29

My dropbox a/c is still off-line, some 16 hours since the 1st outage. Removed cookies, restarted computer, but sign-in only leads to the Error 500 screen. Sigh  :(

This doesn't seem like a "maintenance issue".

post #8 of 29

At what point do all of these constant breaches of security begin to sour the public on online commerce? Local TV interviews over the Target data breach has made more than a few customers pledge to use cash only from now on. I my own case the majority of my financial business is done online, such as direct deposit of my retirement income, automatic payment of bills (utilities, credit cards, etc.) and I am reconsidering the use of online payments systems. It’s probably safer to just send a check in the mail. 

post #9 of 29
they also denied a breach over a year ago when the email addresses and who knows what else of their customers were stolen. denial does not make it not happen.
"Personally, I would like nothing more than to thoroughly proof each and every word of my articles before posting. But I can't."

appleinsider's mike campbell, august 15, 2013
Reply
"Personally, I would like nothing more than to thoroughly proof each and every word of my articles before posting. But I can't."

appleinsider's mike campbell, august 15, 2013
Reply
post #10 of 29
Quote:
Originally Posted by lkrupp View Post
 

At what point do all of these constant breaches of security begin to sour the public on online commerce? Local TV interviews over the Target data breach has made more than a few customers pledge to use cash only from now on. I my own case the majority of my financial business is done online, such as direct deposit of my retirement income, automatic payment of bills (utilities, credit cards, etc.) and I am reconsidering the use of online payments systems. It’s probably safer to just send a check in the mail. 

Yes ... the mail is reliable and nothing ever gets stolen in the mail.

post #11 of 29
Quote:
Originally Posted by joelsalt View Post
 

Yes ... the mail is reliable and nothing ever gets stolen in the mail.

 

Talking about what’s safer, not what’s safe. Nothing is safe but at this point it looks like traditional postal mail is a lot safer than online transactions. 

post #12 of 29
Originally Posted by joelsalt View Post
Yes ... the mail is reliable and nothing ever gets stolen in the mail.

 

What sort of nonsense is this?

In the mall I can put a bullet in the stomach of the person trying to rob me.

 

Which way should I point my gun to stop my information being stolen from someone else’s servers?

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #13 of 29
Quote:
Originally Posted by Tallest Skil View Post
 


....In the mall I can put a bullet in the stomach of the person trying to rob me.

 

Which way should I point my gun to stop my information being stolen from someone else’s servers?

This explains a lot!

post #14 of 29
Inability to read before declaring something as nonsense for one.

censored

Reply

censored

Reply
post #15 of 29
The indications are that it was a simple DDoS attack and no data taken. That according to the supposed hackers. But they did find seeding the misinformation funny apparently.
https://twitter.com/1775Sec/status/421852503848656898
melior diabolus quem scies
Reply
melior diabolus quem scies
Reply
post #16 of 29

Dropbox = Crapbox.

 

They were caught lying few times in the past. I wouldn't trust anything these guys say.

post #17 of 29
@robogobo

"Also, glad I don't store sensitive material in the cloud."

Funny, at no point in this was I ever concerned. I just encrypt everything before it goes up into the cloud using nCrypted Cloud. Whether it's Dropbox or any cloud storage provider being hacked, I'm not worried ^^
post #18 of 29
Quote:
Originally Posted by robogobo View Post

Also, glad I don't store sensitive material in the cloud.

Nothing? Are you sure about that?

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #19 of 29
Quote:
Originally Posted by lkrupp View Post

Another zero day troll joins the forum? I guess we’ll find out real soon.

1) I will never understand why someone would sign up for a forum just to go after you for going after another person. I have no problem with someone coming to a rational defense of another but MightyApple comment is no way seems like he's defending joelsalt's position.

2) I didn't think your comment was so subtle for anyone to think that "snail mail" can't be stolen (or that personal identification is safe if one were to even completely remove all online account, and I recommended confetti shredding all documents before throwing away) but perhaps you do need to go into more detail to make your position more clear.

3) Calling joelsalt's comment assine is fine but calling him a jackass is a personal attack. I'd change that.

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply

"The real haunted empire?  It's the New York Times." ~SockRolid

"There is no rule that says the best phones must have the largest screen." ~RoundaboutNow

Reply
post #20 of 29
Quote:
Originally Posted by lkrupp View Post
 

 

Another zero day troll joins the forum? I guess we’ll find out real soon.

Not a zero day troll Krupp, just a long time fan of the site who is fed up of the bullying and intimidation of certain forum members on here.  I', just pointing out I think your are out of line calling someone a jackass that's all.  You'll find alot of forum members have moved back to MacRumors due to the hostile attitude of the so called forum regulars on here.  Instead of welcoming new blood alot of people on here just bully them into never coming back  I'm all for a headed discussion but the level of hostility on here is shocking!

My wife bought an Android phone so now I'm single...
Reply
My wife bought an Android phone so now I'm single...
Reply
post #21 of 29
Quote:
Originally Posted by MightyApple View Post
 

Not a zero day troll Krupp, just a long time fan of the site who is fed up of the bullying and intimidation of certain forum members on here.  I', just pointing out I think your are out of line calling someone a jackass that's all.  You'll find alot of forum members have moved back to MacRumors due to the hostile attitude of the so called forum regulars on here.  Instead of welcoming new blood alot of people on here just bully them into never coming back  I'm all for a headed discussion but the level of hostility on here is shocking!

 

MacRumors? The so-called Apple centric forum where the Apple haters far outnumber Apple fans? And yes, there is a hostile attitude for those who post nothing but negative slander about Apple here. Those are welcome to leave and go to MacRumors where they will be welcomed by the majority of like minded Apple haters. We had one of the most virulent Apple haters from C|net join here a few weeks ago. It took about a week before he was banned. If you want to make unfounded claims about Apple here you will be challenged vigorously. You will be pressed to provide evidence for your claims and criticisms. Your opinions will not be taken at face value and accepted without argument. I don’t consider that to be a hostile environment unless you think spouting nonsense without evidence to back it up is perfectly okay.

 

And by the way, the user name you chose is a typical trollish moniker. Many are very skeptical of the motives of new members based upon their choice of user names. Just saying.

 

As for the jackass comment, snarky responses are sometimes met with the same response. I was merely expressing my growing concern about conducting financial business online and that it would probably be safer these days to just put a paper check in the traditional mail. The responder’s snark implied traditional mail is just as perilous as an online transaction and that I didn’t know the difference. That’s being a jackass in my opinion.

 

And as Forrest Gump would say, that’s all I have to say about that.


Edited by lkrupp - 1/11/14 at 6:11pm
post #22 of 29
Originally Posted by MightyApple View Post
Not a zero day troll Krupp, just a long time fan of the site who is fed up of the bullying and intimidation of certain forum members on here.

 

Of whom, exactly? Let us know so that we can bully them more.

 
You'll find alot of forum members have moved back to MacRumors due to the hostile attitude of the so called forum regulars on here.

 

HA! Going to MacRumors; that’s rich.

 
Instead of welcoming new blood

 

We welcome anyone with blood in their veins. A lot of newcomers tend to have something thicker flowing there, however.

 

“What’re you…”

 

Either gold or feces, depending.

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #23 of 29
Quote:
Originally Posted by lkrupp View Post
 

 

MacRumors? The so-called Apple centric forum where the Apple haters far outnumber Apple fans? And yes, there is a hostile attitude for those who post nothing but negative slander about Apple here. Those are welcome to leave and go to MacRumors where they will be welcomed by the majority of like minded Apple haters. We had one of the most virulent Apple haters from C|net join here a few weeks ago. It took about a week before he was banned. If you want to make unfounded claims about Apple here you will be challenged vigorously. You will be pressed to provide evidence for your claims and criticisms. Your opinions will not be taken at face value and accepted without argument. I don’t consider that to be a hostile environment unless you think spouting nonsense without evidence to back it up is perfectly okay.

 

And by the way, the user name you chose is a typical trollish moniker. Many are very skeptical of the motives of new members based upon their choice of user names. Just saying.

 

As for the jackass comment, snarky responses are sometimes met with the same response. I was merely expressing my growing concern about conducting financial business online and that it would probably be safer these days to just put a paper check in the traditional mail. The responder’s snark implied traditional mail is just as perilous as an online transaction and that I didn’t know the difference. That’s being a jackass in my opinion.

 

And as Forrest Gump would say, that’s all I have to say about that.

Dude, get some sleep!

post #24 of 29
Quote:
Originally Posted by Tallest Skil View Post
 

 

“What’re you…”

 

Either gold or feces, depending.

Huh?

post #25 of 29
Originally Posted by christopher126 View Post
Huh?


You’re slipping. You’re supposed to take a single random word out of context and append a question mark. You’re not supposed to show any cognition or involvement in the subject whatsoever.

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply

Originally Posted by Marvin

The only thing more insecure than Android’s OS is its userbase.
Reply
post #26 of 29
Quote:
Originally Posted by joelsalt View Post
 

Yes ... the mail is reliable and nothing ever gets stolen in the mail.

 

I've never heard that 110 million people's personal information got stolen all at once in the mail.

post #27 of 29
If you're doing scheduled maintenance, give your users a heads up. If you're doing emergency maintenance, give your users a heads up. If your service has been attacked or hacked, give your users a heads up. If you want to hide something, don't give your users a heads up - but they'll find out later anyway.
post #28 of 29

Well put lkrupp !!!!

post #29 of 29
Quote:
Originally Posted by lkrupp View Post
 

 

MacRumors? The so-called Apple centric forum where the Apple haters far outnumber Apple fans? And yes, there is a hostile attitude for those who post nothing but negative slander about Apple here. Those are welcome to leave and go to MacRumors where they will be welcomed by the majority of like minded Apple haters. We had one of the most virulent Apple haters from C|net join here a few weeks ago. It took about a week before he was banned. If you want to make unfounded claims about Apple here you will be challenged vigorously. You will be pressed to provide evidence for your claims and criticisms. Your opinions will not be taken at face value and accepted without argument. I don’t consider that to be a hostile environment unless you think spouting nonsense without evidence to back it up is perfectly okay.

 

And by the way, the user name you chose is a typical trollish moniker. Many are very skeptical of the motives of new members based upon their choice of user names. Just saying.

 

As for the jackass comment, snarky responses are sometimes met with the same response. I was merely expressing my growing concern about conducting financial business online and that it would probably be safer these days to just put a paper check in the traditional mail. The responder’s snark implied traditional mail is just as perilous as an online transaction and that I didn’t know the difference. That’s being a jackass in my opinion.

 

And as Forrest Gump would say, that’s all I have to say about that.

 

Quote:
Originally Posted by lkrupp View Post
 

 

MacRumors? The so-called Apple centric forum where the Apple haters far outnumber Apple fans? And yes, there is a hostile attitude for those who post nothing but negative slander about Apple here. Those are welcome to leave and go to MacRumors where they will be welcomed by the majority of like minded Apple haters. We had one of the most virulent Apple haters from C|net join here a few weeks ago. It took about a week before he was banned. If you want to make unfounded claims about Apple here you will be challenged vigorously. You will be pressed to provide evidence for your claims and criticisms. Your opinions will not be taken at face value and accepted without argument. I don’t consider that to be a hostile environment unless you think spouting nonsense without evidence to back it up is perfectly okay.

 

And by the way, the user name you chose is a typical trollish moniker. Many are very skeptical of the motives of new members based upon their choice of user names. Just saying.

 

As for the jackass comment, snarky responses are sometimes met with the same response. I was merely expressing my growing concern about conducting financial business online and that it would probably be safer these days to just put a paper check in the traditional mail. The responder’s snark implied traditional mail is just as perilous as an online transaction and that I didn’t know the difference. That’s being a jackass in my opinion.

 

And as Forrest Gump would say, that’s all I have to say about that.

 

Quote:
Originally Posted by Tallest Skil View Post
 

 

Of whom, exactly? Let us know so that we can bully them more.

 

HA! Going to MacRumors; that’s rich.

 

We welcome anyone with blood in their veins. A lot of newcomers tend to have something thicker flowing there, however.

 

“What’re you…”

 

Either gold or feces, depending.



Ignoring Skils comments lkrupp I must apologise for being very aggressive in regard to your posts.  It was ill manoured and ungentlemanly but I mistakently took it you were bullying the original poster here.  I see now I was mistaken and hope you find my apology acceptable!

My wife bought an Android phone so now I'm single...
Reply
My wife bought an Android phone so now I'm single...
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: General Discussion
AppleInsider › Forums › General › General Discussion › Dropbox Denies hacker breach responsible for hours long outage