Dropbox says no evidence of hack in investigation of spam

Dropbox’s ongoing investigation into a possible security breach has not produced any evidence that its systems have been infiltrated, according to an update Friday to the company’s user forum.

“As of today, we’ve found no intrusions into our internal systems and no unauthorized activity in Dropbox accounts,” said the update, posted early Friday morning.

The cloud storage company brought in a team of outside investigators to look into complaints that users were receiving spam at email addresses they used solely for Dropbox. Several users reported receiving the same spam messages, spurring fears that the spammers had obtained their email addresses through Dropbox.

Because users sometimes store personal and professional data with cloud storage services like Dropbox, security is a serious issue.

“We’ve reached out to users who’ve reported receiving spam messages and are closely investigating those reports. Security is our top priority and we’ll let you know if we uncover evidence that these email addresses came from Dropbox,” a Dropbox staffer wrote.

Users on the forum indicated that they hadn’t received any further spam on Friday, and several users appeared comforted by the update.

But not so for user Jan-Willem G.

“I find it rather disturbing that … you’re already almost excluding a hack after just four days of investigation, while it seems very clear that it is indeed the case that your database servers got hacked. Though it is good news that [there] has been no unauthorized activity in Dropbox accounts (yet),” he wrote.

Security investigations can be slow to yield definitive answers, the Dropbox update noted.

Cameron Scott covers search, web services and privacy for The IDG News Service. Follow Cameron on Twitter at CScott_IDG.