Web-based storage firm Dropbox confirmed on Monday that a programmer's error caused a temporary security breach that allowed any password to access any user account.
Read this
Enisa: Telecoms companies are wary of data breach law
The Europe-wide security agency has said that companies are worried about a new law that would compel them to inform their customers when a data breach has occurred
The San Francisco-based start-up attributed the security breach to a "code update" that "introduced a bug affecting our authentication mechanism". Access without passwords was possible between 1:54pm PT (9.54pm BST) and 5:46pm PT on Sunday, the company said.
"This should never have happened," Dropbox co-founder and chief technology officer Arash Ferdowsi said in a blog post. "We are scrutinising our controls and we will be implementing additional safeguards to prevent this from happening again."
For more on this ZDNet UK-selected story, see Dropbox confirms security glitch--no password required on CNET News.
Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.
Talkback
This post has been removed by a moderator.