How secure is Dropbox?
We look at how secure Dropbox is as part of our wider cloud storage roundup
Dropbox enjoyed popularity among consumers as an easy-to-use file storage suite, although it has shifted towards the enterprise market in recent years.
During that time, Dropbox has also improved its security protocols in response to growing threats online, including the encryption of data in transit using secure sockets layer (SSL), and at rest using AES-256 bit encryption. The platform also has stolen and lost device protection, allowing you to unlink devices from your account on the fly.
Business users get some extra features, including the option to set permissions for file collaboration and enable password protection and expirations to any shared links.
Dropbox employees are unable to view the content of your files, although the company does have the mechanism to access files if required to do so, such as during a legal investigation. Metadata is accessible by employees too, normally as part of tech support.
History of Dropbox hacking
Major Dropbox hacks have been few and far between, although those that occur proved to be particularly damaging for the company.
The first happened in 2012 when a compromised password was used to access a Dropbox account owned by an employee. At the time, Dropbox said the hack provided an intruder with access to documents containing a handful of customer email addresses, which became the target of phishing attacks. This prompted Dropbox to add two-factor authentication to account logins.
However, in 2016 it was revealed that the hack was much larger than previously thought, with a dumped database of 68 million passwords being leaked online that was said to stem from the initial 2012 breach. Dropbox said at the time that there were no indications that user accounts had been compromised following the incident.
In This Article
Consumer choice and the payment experience
A software provider's guide to getting, growing, and keeping customersDownload now
Prevent fraud and phishing attacks with DMARC
How to use domain-based message authentication, reporting, and conformance for email securityDownload now
Business in the new economy landscape
How we coped with 2020 and looking ahead to a brighter 2021Download now
How to increase cyber resilience within your organisation
Cyber resilience for dummiesDownload now