Are your Dropbox files visible in another users’ account?
Imagine opening your private Dropbox account where you keep your highly sensitive client documents, or maybe your banking information, your childrens’ medical records, or God forbid you have inappropriate pictures of yourself. And in that account, you see batches of files that aren’t familiar to you.
You’re searching for some pictures of the time you saw your friend’s band play, but instead, your camera uploads folder is peppered with dozens of pictures of a teen girl with her scantily clad friends. You see screenshots from text message conversations you’ve never seen before in your life and certainly didn’t have.
You haven’t sold any devices that had your Dropbox account on them, and you never got an invitation to view any shared folders in your camera uploads, so confusion sets in.
What do you do?
What then? Do you call the cops? Do you reach out to Dropbox? Do you freak out that your own files, those most sensitive documents, are on someone else’s account?
One user is going through this very same problem, and have been met with silence when protesting to the Dropbox team. He typically keeps a large screen in his office on “random” mode to show pictures from his Dropbox account, which suddenly is swarmed with pictures that any preliminary investigation by Dropbox could see were clearly not uploaded by any of his IP addresses.
So we asked Dropbox, is this glitch isolated? Are other accounts affected? Is this a new problem or a long term issue Dropbox has struggled with? What should other users do if they find content in their account that is clearly not theirs?
Could this be a problem with permissions? Perhaps an issue with iCloud? Maybe a smidge of both? Maybe neither? Maybe an isolated incident?
As of publication, there has been no response, just as there was silence when the user reached out about the issue various times during the last year.
Dropbox has a history of problems
Despite raising $1.1 billion in six rounds of funding, the eight year old brand has over 400 million users and is the clear favorite (even the team here relies upon it). They’re the darling of cloud storage, hands down.
They say that over one billion files are saved to Dropbox every hour and is used by 97 percent of Fortune 500 companies.
Imagine being the CEO of one of those Forutne 500 companies, let’s say Verizon; and you open your Dropbox account to see private photos of Sprint projects co-mingled with your camera uploads. Bingo! But wait, can they see yours? Can AT&T? You probably panic and call in the troops. Sure, there are ways you can protect and back up your cloud data, but not necessarily if a glitch has users’ accounts visible to other users.
Hector Salcedo at the Credeon Blog summarizes Dropbox’s spotty past succinctly:
“Unfortunately for business users, Dropbox is also the most targeted cloud service by hackers and thieves. Remember when hackers held 7 million Dropbox passwords ransom? Not only is Dropbox prone to cyber-attacks, but they also suffer from bugs and leaving open doors. In October 2014, Dropbox released an update with a bug that deleted user files, making backup on Dropbox inadequate for business. File deletion!? Then what’s the point of storing files in the cloud anyway?”
Salcedo continues, “Prior to this incident, a cloud-based file locker, Intralinks, found that Dropbox users were unknowingly allowing private data to be read by third parties as their files were being indexed by search engines. Links that you may have shared with other colleagues were being indexed by Google, Yahoo! and Bing, and if competitors searched for a matching keyword on your link, they could click and open your files without you knowing. As you can see saving sensitive company information with Dropbox offers significant risk for business users.”
There are a bevy of reasons this could be happening and could even be isolated, and Dropbox has been provided with the user’s information to investigate. But for now, this serves as a stark reminder that no service is perfect or invulnerable – not Dropbox, not email, not even paper files.
Big retailers are opting for refunds instead of returns
(BUSINESS NEWS) Due to increased shipping costs, big companies like Amazon and Walmart are opting to give out a refund rather than accepting small items returned.
The holidays are over, and now some people are ready to return an item that didn’t quite work out or wasn’t on their Christmas list. Whatever the reason, some retailers are giving customers a refund and letting them keep the product, too.
When Vancouver, Washington resident, Lorie Anderson, tried returning makeup from Target and batteries from Walmart she had purchased online, the retailers told her she could keep or donate the products. “They were inexpensive, and it wouldn’t make much financial sense to return them by mail,” said Ms. Anderson, 38. “It’s a hassle to pack up the box and drop it at the post office or UPS. This was one less thing I had to worry about.”
Amazon.com Inc., Walmart Inc., and other companies are changing the way they handle returns this year, according to a report by The Wall Street Journal (WSJ). The companies are using artificial intelligence (AI) to weigh the costs of processing physical returns versus just issuing a refund and having customers keep the item.
For instance, if it costs more to ship an inexpensive or larger item than it is to refund the purchase price, companies are giving customers a refund and telling them to keep the products also. Due to an increase in online shopping, it makes sense for companies to change how they manage returns.
Locus Robotics chief executive Rick Faulk told the Journal that the biggest expense when it comes to processing returns is shipping costs. “Returning to a store is significantly cheaper because the retailer can save the freight, which can run 15% to 20% of the cost,” Faulk said.
But, returning products to physical stores isn’t something a lot of people are wanting to do. According to the return processing firm Narvar, online returns increased by 70% in 2020. With people still hunkered down because of the pandemic, changing how to handle returns is a good thing for companies to consider to reduce shipping expenses.
While it might be nice to keep the makeup or batteries for free, don’t expect to return that new PS5 and get to keep it for free, too. According to WSJ, a Walmart spokesperson said the company lets someone keep a refunded item only if the company doesn’t plan on reselling it. And, besides taking the economic costs into consideration, the companies look at the customer’s purchase history as well.
Google workers have formed company’s first labor union
(BUSINESS NEWS) A number of Google employees have agreed to commit 1% of their salary to labor union dues to support employee activism and fight workplace discrimination.
On Monday morning, Google workers announced that they have formed a union with the support of the Communications Workers of America (CWA), the largest communications and media labor union in the U.S.
The new union, Alphabet Workers Union (AWU) was organized in secret for about a year and formed to support employee activism, and fight discrimination and unfairness in the workplace.
“From fighting the ‘real names’ policy, to opposing Project Maven, to protesting the egregious, multi-million dollar payouts that have been given to executives who’ve committed sexual harassment, we’ve seen first-hand that Alphabet responds when we act collectively. Our new union provides a sustainable structure to ensure that our shared values as Alphabet employees are respected even after the headlines fade,” stated Program Manager Nicki Anselmo in a press release.
AWU is the first union in the company’s history, and it is open to all employees and contractors at any Alphabet company in the United States and Canada. The cost of membership is 1% of an employee’s total compensation, and the money collected will be used to fund the union organization.
In a response to the announcement, Google’s Director of People Operations, Kara Silverstein, said, “We’ve always worked hard to create a supportive and rewarding workplace for our workforce. Of course, our employees have protected labor rights that we support. But as we’ve always done, we’ll continue engaging directly with all our employees.”
Unlike other labor unions, the AWU is considered a “Minority Union”. This means it doesn’t need formal recognition from the National Labor Relations Board. However, it also means Alphabet can’t be forced to meet the union’s demands until a majority of employees support it.
So far, the number of members in the union represents a very small portion of Google’s workforce, but it’s growing every day. When the news of the union was first announced on Monday, roughly 230 employees made up the union. Less than 24 hours later, there were 400 employees in the union, and now that number jumped to over 500 employees.
Unions among Silicon Valley’s tech giants are rare, but labor activism is slowly picking up speed, especially with more workers speaking out and organizing.
“The Alphabet Workers Union will be the structure that ensures Google workers can actively push for real changes at the company, from the kinds of contracts Google accepts to employee classification to wage and compensation issues. All issues relevant to Google as a workplace will be the purview of the union and its members,” stated the AWU in a press release.
Ticketmaster caught red-handed hacking, hit with major fines
(BUSINESS NEWS) Ticketmaster has agreed to pay $10 million to resolve criminal charges after hacking into a competitor’s network specifically to sabotage.
Live Nation’s Ticketmaster agreed to pay $10 million to resolve criminal charges after admitting to hacking into a competitor’s network and scheming to “choke off” the ticket seller company and “cut [victim company] off at the knees”.
Ticketmaster admitted hiring former employee, Stephen Mead, from startup rival CrowdSurge (which merged with Songkick) in 2013. In 2012, Mead signed a separation agreement to keep his previous company’s information confidential. When he joined Live Nation, Mead provided that confidential information to the former head of the Artist Services division, Zeeshan Zaidi, and other Ticketmaster employees. The hacking information shared with the company included usernames, passwords, data analytics, and other insider secrets.
“When employees walk out of one company and into another, it’s illegal for them to take proprietary information with them. Ticketmaster used stolen information to gain an advantage over its competition, and then promoted the employees who broke the law. This investigation is a perfect example of why these laws exist – to protect consumers from being cheated in what should be a fair market place,” said FBI Assistant Director-in-Charge Sweeney.
In January 2014, Mead gave a Ticketmaster executive multiple sets of login information to Toolboxes, the competitor’s password-protected app that provides real-time data about tickets sold through the company. Later, at an Artists Services Summit, Mead logged into a Toolbox and demonstrated the product to Live Nation and Ticketmaster employees. Information collected from the Toolboxes were used to “benchmark” Ticketmaster’s offerings against the competitor.
“Ticketmaster employees repeatedly – and illegally – accessed a competitor’s computers without authorization using stolen passwords to unlawfully collect business intelligence,” said Acting U.S. Attorney DuCharme in a statement. “Further, Ticketmaster’s employees brazenly held a division-wide ‘summit’ at which the stolen passwords were used to access the victim company’s computers, as if that were an appropriate business tactic.”
The hacking violations were first reported in 2017 when CrowdSurge sued Live Nation for antitrust violations. A spokesperson told The Verge, “Ticketmaster terminated both Zaidi and Mead in 2017, after their conduct came to light. Their actions violated our corporate policies and were inconsistent with our values. We are pleased that this matter is now resolved.”
To resolve the case, Ticketmaster will pay a $10 million criminal penalty, create a compliance and ethics program, and report to the United States Attorney’s Office annually during a three-year term. If the agreement is breached, Ticketmaster will be charged with: “One count of conspiracy to commit computer intrusions, one count of computer intrusion for commercial advantage, one count of computer intrusion in furtherance of fraud, one count of wire fraud conspiracy and one count of wire fraud.”
Business Marketing1 week ago
Free shipping is everywhere… how can small businesses keep up?
Business Marketing1 week ago
Why you must nix MLM experience from your resume
Business Marketing1 week ago
How many hours of the work week are actually efficient?
Opinion Editorials1 week ago
The truth about unemployment from someone who’s been through it
Tech News2 weeks ago
Star Citizen: A cautionary tale of Kickstarter and crowdfunding
Opinion Editorials2 days ago
Ways to socialize safely during quarantine
Business Finance4 days ago
Is the convenience of payment apps worth the risk of fraud?
Opinion Editorials2 weeks ago
5 insights into building a culture with your remote teams