

Dropbox: Fewer Than 100 Accounts Affected - immad
http://techcrunch.com/2011/06/24/dropbox-breach-fewer-than-100-accounts-affected-but-one-person-actively-exploited-it

======
mrkurt
I think the bigger takeaway from that article (for me) is that it was a really
nice, honest letter to affected customers. I know they got somewhat of a black
eye from their responses before, but this one was really good.

------
Kudos
I don't think I'll be the only one closing my Dropbox account now. It's not
just this event, but the recent series of privacy issues.

------
fmavituna
That's the way to apologize, very impressive way to handle the situation in
individual level.

Although the bigger issue is, how was this ever possible? Do they push code to
production without any normal or security code reviews? Without pen-testing?
And if that's the case what does it stop this problem to happen again?

------
mtogo
Already posted: <http://news.ycombinator.com/item?id=2693901>

~~~
bretthopper
When a duplicate post like this comes up, I usually flag it. Does anyone else
do this?

It really fragments discussion having duplicate posts on the main page since
people usually just comment on the first one they see.

I also noticed that the only difference in the URLs between the two was a
trailing slash. Shouldn't that be included in the dupe detection? Probably the
most frequent and easiest to catch cause.

