Re: Does anyone know where Dropbox server are based

Belle90 · ‎09-02-2017

There is an issue with my dropbox account that I have had to close with regards to a recent hacking situation which the police are now involved.

I am in the UK and as I m already in contact with Dropbox the police have asked me to ask where Dropbox server are based as they would like to request information etc

Hope you can help

Thank you

Mark · ‎09-02-2017

They are stored in the US for free and Plus users : https://www.dropbox.com/help/security/physical-location-data-storage

Business users can request other places if they have a legal need to (e.g. to avoid US snooping!)(

See http://www.datacenterdynamics.com/content-tracks/colo-cloud/dropbox-moves-into-european-data-centers...

- - - -

Did this post help you? If so please mark it for some Kudos below.

Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.

Did this post not resolve your issue? If so please give us some more information so we can try and help - please remember we cannot see over your shoulder so be as descriptive as possible!

View solution in original post

Mark · ‎09-02-2017

They are stored in the US for free and Plus users : https://www.dropbox.com/help/security/physical-location-data-storage

Business users can request other places if they have a legal need to (e.g. to avoid US snooping!)(

See http://www.datacenterdynamics.com/content-tracks/colo-cloud/dropbox-moves-into-european-data-centers...

- - - -

Did this post help you? If so please mark it for some Kudos below.

Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.

Did this post not resolve your issue? If so please give us some more information so we can try and help - please remember we cannot see over your shoulder so be as descriptive as possible!

Belle90 · ‎09-02-2017

Hi Mark thank you

I have also researched what data dropbox collect from their users and it is the following

Name

Email address

Credit card number (if paying for service)

Billing address

Email address of anyone with whom you share a Dropbox folder

Email addresses of anyone you refer to Dropbox

Ip address

Browser type

Website visited prior to arriving on dropbox

Location data

Mobile device type if applicable

Wireless carrier information

Data and time of transactions

All files you upload or download from Dropbox

I get why Dropbox would I am sure somewhere out there, some people may use dropbox to store things like child pornography or something really illegal say it God forbid even had pictures of a crime committed etc regardless if a Dropbox account was deleted I they must store the information somewhere. I know Dropbox will have data but they just need a request from police.

The police are requesting information from Dropbox as Dropbox themselves cannot tell me anything. I understand Dropbox will not response to broad requests however if someone hacked into my account and was in a current session for 2 hours and only viewed explicit photos and videos of myself and my partner surely that's a good enough reason as this person may have shared this content?

Dropbox have told me it was an authentic login. However a few days before and after the Dropbox login I have had attempted hacks into my PayPal ebay uber accounts as well as facebook. I have also had an attempted fraudulent transaction on my hsbc card that the fraud team stopped thank god.

What are your thoughts?

Thank you

Mark · ‎09-02-2017

My first thoughts are all of the information you've listed relates to transactions, not, general browsing and use of the site. A lot of the information for transactional reasons needs to be kept for legal requirements - e.g. I use WorldPay in the UK to process my e-commerce stuff and know I can access the majority of that info from their portal (with exception of previous sites accessed).

The also, obviously keep access to what you upload as thats the information on the site. As for download, I'm not sure - they've ALWAYS said they dont. Which could be understandable when you consider the scale of people accessing/editing files. The last data released was 500million users (https://blogs.dropbox.com/dropbox/2016/03/500-million/). That doesnt mention data much, but at 400 million users (https://blogs.dropbox.com/dropbox/2015/06/400-million-users/) users were syncing 1.2 billion files every day, creating over 100,000 new shared folders and links every hour, and making 4,000 edits every second. I can imagine logging all of that would be almost impossible.

Lets also remember that Dropbox ONLY has HIPPA compliance (which is a legal requirement in certain health industries in the US) on certain Business products. At those levels access/editing IS logged. If it was done elsewhere they'd advertise it surly?

As for the sharing, unfortunately, I really dont know. Ultimately nobody will ever know - as I've said before you need to get the police to request the information (probably via the courts). I, however, wouldnt hold my breath I'm afraid based on how few times they release information: https://blogs.dropbox.com/dropbox/2017/07/transparency-report-jul-dec-2016/.

- - - -

Did this post help you? If so please mark it for some Kudos below.

Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.

Did this post not resolve your issue? If so please give us some more information so we can try and help - please remember we cannot see over your shoulder so be as descriptive as possible!

Belle90 · ‎09-02-2017

Thanks for your reply.

I have required the ip address that the police also have. Although the ip address is a vpn they were using privax which is a sister company of hidemyass. And the isp is owned by avast who the police have also contacted. Maybe by identifying the person by ip address which police said is very possible, they can seize their computer. I really don't know. My worst nightmare is that this content is shared online somewhere. Very upsetting.

Mark · ‎09-02-2017

I can only imagine 😞

Fingers crossed they can and do.

BUT (and this is only my gut feeling) I'd have imagined if they were going to share it they would have done so by now. The 'product' (in this case your images) lose their worth over time and once people know about them. A lot of the power behind the images is the impact it has. And if you already know they are out there, or expect them to be, they lose that power. They lose the 'hold' over you in some ways.

- - - -

Did this post help you? If so please mark it for some Kudos below.

Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.

Did this post not resolve your issue? If so please give us some more information so we can try and help - please remember we cannot see over your shoulder so be as descriptive as possible!

Belle90 · ‎09-02-2017

Do you think if they identify the person by the ip address that was used to access by Dropbox account they can search their computer to see if they have my files on their computer and search for evidence of them sharing it etc and say this person has hacked lots of other people.

Can police do that based on that info alone incase dropbox for whatever reason can't say if the files were downloaded or not.

Mark · ‎09-02-2017

Thats going to really depend upon the police I'm afraid.

To search computers etc. it would also need, I'm sure, a Warrant from a court so I imagine they'd need evidence that its a) happened b) in public interests (costs v outcome etc.)

[This thread is now closed by moderators due to inactivity. If you're experiencing a similar behavior, feel free to Ask help from the Community here.]

- - - -

Did this post help you? If so please mark it for some Kudos below.

Did this post fix your issue/answer your question? If so please press the 'Accept as Solution' button to help others find it.

Did this post not resolve your issue? If so please give us some more information so we can try and help - please remember we cannot see over your shoulder so be as descriptive as possible!