Several top E2EE cloud storage providers have serious security issues

Some cloud storage providers that offer end-to-end encryption (E2EE) are largely exploiting a broken ecosystem that, in a very realistic theory, could allow threat actors to tamper with the files in ways that shouldn’t be possible , experts claim.

In an in-depth analysis recently published on the website Brokencloudstorage.info, cybersecurity researchers Jonas Hofmann and Kien Tuong Truong of the ETF Zurich noted that if a threat actor compromises a corporate server, they can “inject files, tamper with file data and even directly access plaintext.”