Hackers have obtained login credentials of more than 68 million Dropbox accounts from a known 2012 data breach where hackers accessed Dropbox’s internal systems and accessed a list of user email accounts and now those 68 million login credentials are leaked on the internet. Motherboard, security expert Troy Hunt and Leaked source have studied the list of Dropbox accounts and have validated that account information includes emails as well as passwords. However, they are encrypted. Dropbox said it had no indication that any of its user accounts were improperly entered, and that it had notified its users and made them reset their passwords on the accounts. Dropbox on its blog claims “We first heard rumors about this list two weeks ago and immediately began our investigation. We then emailed all users we believed were affected and completed a password reset for anyone who hadn’t updated their password since mid-2012.” “This reset ensures that even if these passwords are cracked, they can’t be used to access Dropbox accounts.” One Security practices dropbox claimed “We’ve implemented a broad set of controls including independent security audits and certifications, threat intelligence, and bug bounties for ethical hackers. In addition, we build open source tools such as zxcvbn, use bcrypt password hashing, and offer Universal 2nd Factor authentication to all users.” Dropbox also recommends its users to create a strong, unique passwords and enable two-step verification. They also alerted its users from spam or phishing because email addresses were also included in the list that is leaked online.

Δ

Dropbox hacked   68 Million Account Details Leaked Online - 73Dropbox hacked   68 Million Account Details Leaked Online - 38Dropbox hacked   68 Million Account Details Leaked Online - 90