Dropbox Confirms Email Addresses Were Pilfered

bigvibes writes "A couple of weeks ago Dropbox hired some outside experts to investigate why a bunch of users were getting spam at e-mail addresses used only for Dropbox storage accounts. The results of the investigation are in, and it turns out a Dropbox employee's account was hacked, allowing access to user e-mail addresses." This particular employee had a list of user emails stored in their Dropbox. To prevent future incidents, Dropbox is moving toward two-factor authentication.

Nice of the hackers to tell us

[MrEricSir]

In so many of these cases, the only reason anyone finds out that a site or service was hacked was that the hackers were nice enough to brag about it in public or leave some kind of obvious trail.

It makes one wonder: how much black hat hacking goes undetected? A small company isn't likely to have security experts on staff, and even if they do there's no guarantee those experts will catch every break-in.