Security Review

If you're a Dropbox user, you might want to check your recent events page and verify that no one accessed your account without authorization on Sunday.  According to the popular service's official blog, there was a 4-hour period that afternoon during which anyone could access any account using any password.  According to the same post, they've notified all users whose accounts were accessed (even by the authorized user) during that period.  Dropbox gets bonus points for being up-front about the nature and scope of the bug, and for being so proactive in alerting users who may have been affected.

If you're not a Dropox user, you probably should be. Even now.

No matter what, you should be encrypting your sensitive data on the client side (at your computer, or on your mobile device) before sharing it out on the cloud.  I recommend 1Password or TrueCrypt.