ALMOST SEVEN MILLION Dropbox accounts were said to be compromised after hackers claimed they were able to access logins and passwords for the service through a third-party service.
More than 400 accounts were leaked onto Pastebin, with the message claiming that it was a tiny sample of the seven million accounts hacked. The message said it would make the remainder accounts available to users in return for bitcoin donations.
Dropbox issued a statement denying it was hacked, saying it had checked the accounts listed and found they were “not associated with Dropbox accounts.”
The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.
In a statement to Business Insider, a spokesperson for Dropbox said the company consistently expires passwords for accounts that are being attacked, but couldn’t provide a number of accounts expired recently. Although BI mentions that it’s unclear whether the remaining 6.9 million other accounts are also safe.
The hack comes after a similar incident involving Snapchat, where 100,000 images were obtained by hackers through a third-party site. The third-party site involved, SnapSaved.com, admitted it was hacked due to a misconfiguration in its server.
If you use Dropbox, it’s strongly recommended that you change your password immediately, especially if you use the same passsword for more than one account. Also, it’s worth activating two-step verification to all your accounts to give them an extra layer of security.
Dropbox currently has 220 million users worldwide.
COMMENTS (5)
Access to the comments facility has been disabled for this user
View our policy