Hackers helped themselves to 68 million account details to one of the most popular cloud storage platforms. The Dropbox accounts were hacked in 2012 but the number of accounts affected has only now come to light. Dropbox has sent emails to its users requesting that they change their passwords.
5GB worth of Dropbox usernames and passwords have been doing the rounds of the cybersphere were discovered by the company’s head of trust and security, Patrick Heim:
“This is not a new security incident, and there is no indication that Dropbox user accounts have been improperly accessed. Our analysis confirms that the credentials are user email addresses with hashed and salted passwords that were obtained prior to mid-2012. We can confirm that the scope of the password reset we completed last week did protect all impacted users. Even if these passwords are cracked, the password reset means they can't be used to access Dropbox accounts. The reset only affects users who signed up for Dropbox prior to mid-2012 and hadn't changed their password since.”
Besides changing passwords Dropbox has advised users to make use of the two factor authentication option; to view and examine all active logins to their accounts; and to use a password manager to both create and manage strong, unique passwords – Dropbox recommends 1Password, Keepass is another respectable option.
Dropbox appear to have handled their insecurity issues better than LinkedIn who failed to immediately reset compromised passwords. But there do appear to be similarities between the Tumblr breach in which the blogging network refused to acknowledge how many accounts had been hacked:
Ghost of the Old Breach
https://afritechnet.blogspot.com/2016/05/the-ghost-of-old-breach.html
0 comments:
Post a Comment