diff --git a/src/Core/Services/IAttachmentStorageService.cs b/src/Core/Services/IAttachmentStorageService.cs
index c32b6243a4..6114490588 100644
--- a/src/Core/Services/IAttachmentStorageService.cs
+++ b/src/Core/Services/IAttachmentStorageService.cs
@@ -1,4 +1,5 @@
-using System;
+using Bit.Core.Models.Table;
+using System;
 using System.IO;
 using System.Threading.Tasks;
 
@@ -6,7 +7,7 @@ namespace Bit.Core.Services
 {
     public interface IAttachmentStorageService
     {
-        Task UploadNewAttachmentAsync(Stream stream, Guid cipherId, string attachmentId);
+        Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, string attachmentId);
         Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, string attachmentId);
         Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId);
         Task CommitShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId);
diff --git a/src/Core/Services/Implementations/AzureAttachmentStorageService.cs b/src/Core/Services/Implementations/AzureAttachmentStorageService.cs
index b021f623e2..b528b7f917 100644
--- a/src/Core/Services/Implementations/AzureAttachmentStorageService.cs
+++ b/src/Core/Services/Implementations/AzureAttachmentStorageService.cs
@@ -3,6 +3,7 @@ using Microsoft.WindowsAzure.Storage;
 using Microsoft.WindowsAzure.Storage.Blob;
 using System.IO;
 using System;
+using Bit.Core.Models.Table;
 
 namespace Bit.Core.Services
 {
@@ -20,14 +21,29 @@ namespace Bit.Core.Services
             _blobClient = storageAccount.CreateCloudBlobClient();
         }
 
-        public async Task UploadNewAttachmentAsync(Stream stream, Guid cipherId, string attachmentId)
+        public async Task UploadUserAttachmentAsync(Stream stream, Cipher cipher, string attachmentId)
         {
-            await UploadAttachmentAsync(stream, $"{cipherId}/{attachmentId}");
+            await InitAsync();
+            var blob = _attachmentsContainer.GetBlockBlobReference($"{cipher.Id}/{attachmentId}");
+            blob.Metadata.Add("cipherId", cipher.Id.ToString());
+            if(cipher.UserId.HasValue)
+            {
+                blob.Metadata.Add("userId", cipher.UserId.Value.ToString());
+            }
+            else
+            {
+                blob.Metadata.Add("organizationId", cipher.OrganizationId.Value.ToString());
+            }
+            await blob.UploadFromStreamAsync(stream);
         }
 
         public async Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, string attachmentId)
         {
-            await UploadAttachmentAsync(stream, $"{cipherId}/temp/{organizationId}/{attachmentId}");
+            await InitAsync();
+            var blob = _attachmentsContainer.GetBlockBlobReference($"{cipherId}/temp/{organizationId}/{attachmentId}");
+            blob.Metadata.Add("cipherId", cipherId.ToString());
+            blob.Metadata.Add("organizationId", organizationId.ToString());
+            await blob.UploadFromStreamAsync(stream);
         }
 
         public async Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId)
@@ -88,11 +104,33 @@ namespace Bit.Core.Services
             await blob.DeleteIfExistsAsync();
         }
 
-        private async Task UploadAttachmentAsync(Stream stream, string blobName)
+        public async Task DeleteAttachmentsAsync(Cipher cipher)
         {
             await InitAsync();
-            var blob = _attachmentsContainer.GetBlockBlobReference(blobName);
-            await blob.UploadFromStreamAsync(stream);
+            var attachments = cipher.GetAttachments();
+            if(attachments == null)
+            {
+                return;
+            }
+
+            foreach(var attachment in attachments)
+            {
+                var blobName = $"{cipher.Id}/{attachment.Key}";
+                var blob = _attachmentsContainer.GetBlockBlobReference(blobName);
+                await blob.DeleteIfExistsAsync();
+            }
+        }
+
+        public async Task DeleteAttachmentsForOrganizationAsync(Guid organizationId)
+        {
+            await InitAsync();
+
+        }
+
+        public async Task DeleteAttachmentsForUserAsync(Guid userId)
+        {
+            await InitAsync();
+
         }
 
         private async Task InitAsync()
diff --git a/src/Core/Services/Implementations/CipherService.cs b/src/Core/Services/Implementations/CipherService.cs
index 124602eca1..e094d99fe1 100644
--- a/src/Core/Services/Implementations/CipherService.cs
+++ b/src/Core/Services/Implementations/CipherService.cs
@@ -139,7 +139,7 @@ namespace Bit.Core.Services
             }
 
             var attachmentId = Utilities.CoreHelpers.SecureRandomString(32, upper: false, special: false);
-            await _attachmentStorageService.UploadNewAttachmentAsync(stream, cipher.Id, attachmentId);
+            await _attachmentStorageService.UploadNewAttachmentAsync(stream, cipher, attachmentId);
 
             try
             {
diff --git a/src/Core/Services/NoopImplementations/NoopAttachmentStorageService.cs b/src/Core/Services/NoopImplementations/NoopAttachmentStorageService.cs
index c48c546f56..59318d8be5 100644
--- a/src/Core/Services/NoopImplementations/NoopAttachmentStorageService.cs
+++ b/src/Core/Services/NoopImplementations/NoopAttachmentStorageService.cs
@@ -1,6 +1,7 @@
 using System;
 using System.IO;
 using System.Threading.Tasks;
+using Bit.Core.Models.Table;
 
 namespace Bit.Core.Services
 {
@@ -26,7 +27,7 @@ namespace Bit.Core.Services
             return Task.FromResult(0);
         }
 
-        public Task UploadNewAttachmentAsync(Stream stream, Guid cipherId, string attachmentId)
+        public Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, string attachmentId)
         {
             return Task.FromResult(0);
         }