Dropbox's website appeared offline late Friday night, with the company releasing a statement saying the issue occurred during "routine internal maintenance." Just moments before the outage, though, the hacker group The 1775 Sec took to Twitter to state that they were responsible for downing the Dropbox website, and that they did so in in honor of late programmer and activist Aaron Swartz on the eve of the one-year anniversary of his death. The news followed reports that a Massachusetts Institute of Technology subdomain had also been taken down by hackers in honor of the late programmer.
BREAKING NEWS: We have just compromised the @Dropbox Website http://t.co/HqnsZOLSXR #hacked #compromised— The 1775 Sec (@1775Sec) January 11, 2014
Anonymous followed the tweet up minutes later, echoing the original statement. The 1775 Sec followed their original tweet up by stating that they were giving Dropbox time to resolve vulnerabilities with their website, threatening a database leak if the issue isn't resolved.
Indeed, the site was unavailable at the time of this article's original publication, displaying a message that it was "experiencing issues." In a statement sent to The Verge and other media outlets, Dropbox said the issue came from within the company. But when asked directly about the possibility of an outside meddling, Dropbox did not confirm or deny the possibility, instead responding with the same statement as follows:
We have identified the cause, which was the result of an issue that arose during routine internal maintenance, and are working to fix this as soon as possible… We apologize for any inconvenience.
Another Twitter account claiming to be affiliated with the Anonymous hacktivist movement posted what it said was leaked information of Dropbox users, but several security researchers pointed out that the information contained in the purported leak matched other, unrelated security breaches. After the leak, the 1775 Sec Twitter account claimed the information was a deliberate hoax, saying it only launched a distributed denial-of-service attack (DDoS) on Dropbox, and had not breached Dropbox security, nor compromised any Dropbox user data:
We are literally choking on laughter! We DDoS attacked #DropBox. Claiming its a data breach! This is so ducking funny?— The 1775 Sec (@1775Sec) January 11, 2014
We've reached out to Dropbox for more information on the latest developments on their end and will update when learn more.
Update: Dropbox is up again. The company says that an issue occurred during internal maintence, and denies that the outage was caused by any "external factors."
Dropbox site is back up! Claims of leaked user info are a hoax. The outage was caused during internal maintenance. Thanks for your patience!— Dropbox (@Dropbox) January 11, 2014