Cloud Storage Provider Dropbox Hacked

Lot of healthcare organizations rely on cloud storage providers for storing digital images, medical transcription records and other sensitive patient related information.  Dropbox is one of the leading cloud storage provider leveraging Amazon S3 cloud storage services for storing data. However, dropbox manages their customer login credentials on their platform to manage and bill customers.  Dropbox storage service was compromised in June of 2011,  the company said that they would install measures to make sure this  wouldn’t happen again.
Again, last month users of the popular Dropbox started receiving a ton of spam messages, which caused the company to investigate the matter. Turns out a hacker was able to gain access to an employee Dropbox account, which  contained an e-mail list of other users. And the kicker was that some passwords were also attached.
While you can read the whole story here, the news coming out as of this afternoon is that the company only took measures (notified and resetted
the passwords of affected users) listed by an online leak.
Next Steps:
1) If you own a Dropbox account and you don’t want it to send a ton of spam messages on your behalf, take two seconds and change your password.
2) If you are considering online storage services at least don’t have dropbox on your list of possible vendors for now until they secure and demonstrate security capabilities.
To learn more about security and compliance capabilities of online cloud storage vendors engage our consulting experts.
Share this in :
The following two tabs change content below.
Our mission is to assist healthcare organizations and business associates in the development, design, and implementation of practices to secure IT systems and comply with HIPAA/HITECH privacy, security, breach and enforcement rules by protecting patient health information.