Dropbox Hacked: 68M Passwords Stolen, Change Yours Today

by Edgar Hayes September 2, 2016, 0:48
Dropbox Hacked: 68M Passwords Stolen, Change Yours Today

Cloud storage provider Dropbox has said the password reset measures the company put in place has prevented any hacking of user data, following revelations made in stories which argued that millions of account details had been accessed.

As many as 68 million usernames and passwords of those using Dropbox landed at the hands of cyber-criminals during the security breach of 2012, according to recent estimates.

Despite the company saying it believes no user accounts have been compromised, details from 68,680,741 accounts are in four 5GB files obtained by breach notification website Leakbase.

Troy Hunt, a Microsoft Regional Director and MVP, tested and confirmed that the Dropbox hack had been leaked and the breach information was legitimate.

Following the Dropbox data breach, Spotify has force reset its users' password.

The company did not comment on how the account information had been breached.

Come to WIRED Security, a new one-day event from WIRED, curated to explore, explain and predict new trends, threats and defences in cyber security.

"Even if these passwords are cracked, the password reset means they can't be used to access Dropbox accounts".

Dropbox hacked with 68 million users at risk from an attack originating in 2012.

At the time Dropbox practiced good user data security practice, encrypting the passwords and appears to have been in the process of upgrading the encryption from the SHA1 standard to a more secure standard called Bcrypt. This is a common technique that has kept security experts at internet companies busy this year protecting their password-reusing customers. "Our analysis suggests that the credentials relate to an incident we disclosed around that time", Dropbox wrote in the blog post.

But Mr Heim warned that people who use the same password for other applications and websites should consider changing them as well.

Did Dropbox ask you to update your password last week?

Hunt also confirmed Dropbox had asked his wife, via email, to reset her password, concluding: "As for Dropbox, they seem to have handled this really well".


TOP News

European captain names wild cards ahead of Golf Ryder Cup

42 per cent hike in minimum wages 'historic', says Arun Jaitley

Serena Williams shoulders burden of history at US Open tennis championships 2016

Rio Olympics 2016: Spectacular closing ceremony as Olympic flag goes to Tokyo

Bank of Nova Scotia (BNS) PT Raised to C$73.00 at Desjardins

Dog swims over 6 miles, walks 12 more to find family

Ford Motor says U.S. auto sales to weaken further in 2017

Taylor Swift gets out of jury duty

Clinton defends family foundation, says work will continue

Two film studios to produce Sanjay Leela Bhansali's 'Padmavati'