Dropbox has admitted hackers have again bypassed its security, confirming a number of customers email addresses and account details have been compromised.
The cloud storage provider was made aware of the breach when a number of customers reported receiving spam in email inboxes normally only used for Dropbox communications.
Dropbox confirmed it is aware of the breach and has already taken action, in a blog post on Tuesday.
"A couple weeks ago, we started getting emails from some users about spam they were receiving at email addresses used only for Dropbox," Dropbox said.
"Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We've contacted these users and have helped them protect their accounts."
Further accounts were compromised when the hackers reportedly got access to other emails by hacking a Dropbox employee's email account.
"A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam," read the blog post.
Dropbox confirmed that it has already reset affected customers passwords and will be introducing new two-factor authentication measures, including codes sent to mobile phones to help better protect its customers.
Prior to the hack the company suffered another major security flaw in June, when a authentication glitch left users accounts unguarded, letting anyone with the correct email address sign into them.
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches