Two security researchers say they were able to hack the cloud-based Dropbox service and access the files of users. "The Dropbox internal client API does not support or use two-factor authentication. This implies that it is sufficient to have only the host_id value to gain access to the target's data stored in Dropbox," they wrote in a research paper. In a statement, Dropbox denied that it has such a vulnerability.
Published in Brief: