Last week it was reported that Dropbox had experienced yet another security breach, this time inadvertently exposing files through publicly shared links. The same issue also impacted Box users.
Dropbox, Box and many other cloud hosting services often give users the option of creating shareable web links for their files. Users can send a web address – made up of a string of letters and numbers – to someone directly to download the file without having to log in. Due to the complexity of the link, the theory goes that it’s very difficult to guess, meaning that while the link may technically be public, it’s unlikely anyone could access it by chance.
But it seems that is exactly what has happened. A competitor discovered the public links via referral data in Google Analytics, as well as search results in Google Adwords.
As a precaution, Dropbox disabled access to public links previously shared, and has implemented a patch to prevent shared links from being exposed moving forward. However, these efforts were not enough to prevent some users’ sensitive files – including tax returns, bank records, mortgage applications, blueprints and business plans – from being exposed.
This latest vulnerability begs the question, how much do you really know about your document sharing provider? As a secure document sharing solution used to facilitate confidential business transactions, Firmex takes a great interest in the document sharing space. In the following Infographic we take a closer look at the leading consumer-grade document sharing platforms, to analyse exactly how secure they are, and what happens with the data you entrust to them.
Embed this graphic on your site: