Over 70 million Dropbox account log-ins were stolen back in 2012


Remember the 2012 hack which was believed to have compromised a few #Dropbox accounts? Well, it seems like the hacker managed to get his hands on nearly 70 million account log-ins back then, putting several customers in a state of worry. However, you’re safe if you have changed your password since then. If not, we recommend you do so right away.

A senior level Dropbox employee managed to confirm this, but decided to remain anonymous for obvious reasons. Further, a Microsoft staffer has already mentioned that he found his and his wife’s account credentials in the leak, so regardless of what you hear out there, the leak was pretty real. The solution, as we mentioned above, is pretty simple.

The problem appears to be with about half of the compromised accounts which use an older encryption system called SHA-1, while about 32 million of them were encrypted with bcrypt, which is considered to be among the best going around. Dropbox has started sending out password reset notifications to people since last week.

Source: Motherboard, Troy Hunt

Via: Engadget