For those who haven’t done so already, it’s time to change your Dropbox password. It was recently discovered that Dropbox’s hack back in 2012 was more serious than what we thought; over 68 million user account information have been exposed.
According to Motherboard, they have obtained files containing email addresses and hashed passwords for Dropbox users. There are four files in total that are around 5GB large, with details on 68.680,741 accounts. This has been confirmed by a senior employee in Dropbox. They believe that these information was obtained in a breach that happened four years ago back in 2012.
“Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials related to an incident we disclosed around that time.” – Dropbox
Fortunately, Dropbox told Motherboard that they see “no evidence of malicious access of these accounts”. All passwords on Dropbox are encrypted and the company has changed its hashing practices several times since 2012. Dropbox has also been resetting user passwords over the past week as a safety precaution with regards to this hack.
This isn’t the first hack and it definitely will not be the last, so it’s wise to change your passwords frequently, avoid reusing the same password on other services, and activate 2-step verification when possible to safeguard your information. Check out Motherboard for more information about this password leak.