Dropbox recently restored years-old "deleted" files for some customer accounts by accident, drawing attention to a potential privacy problem.
Files supposedly deleted by customers from the company's servers were instead retained for as long as eight years, according to several reports over the past few weeks. The company apologized for what it has described as "a bug" as well as a botched software fix that led to the unintended document recoveries.
Dropbox's engineers "quarantined and excluded" these faulty files from the queue of ones to be permanently deleted until they could fix the problem, Ross said. Then while attempting to implement a solution, the engineers "inadvertently" caused the years-old files to resurface from the trash heap and be restored to people's accounts. "This was our mistake," Ross wrote. "It wasn’t due to a third party and you weren’t hacked."
On Sunday, Dropbox promised to sweep the zombie files to oblivion, according to a follow-up note also penned by Ross. The company's engineers planned to roll out an automatic fix designed to clean up the mess later that day, he said. Ross added two caveats: resuscitated files and folders that customers have since edited will remain untouched. And customers who have developed a newfound fondness for their previously deleted documents can request that they be permanently restored by Dropbox's support team, as long as they do so within 30 days.
"Thanks again for your patience, and we’re sorry for any inconvenience and confusion we’ve caused," Ross said. Over the past few years, Dropbox has moved the vast majority of its cloud infrastructure off of Amazon, a popular cloud computing provider, onto its own custom machines.
110 Reykjavik, Iceland