Dropbox’s placeholders may be a tempting feature for Windows users longing for a OneDrive replacement, but if you’ve been using Dropbox before 2012 – you need to change your password right now – or switch services to something else.
In 2012, Dropbox fell victim to an attack enabled by a negligent employee who had their password stolen and used to further steal details of the passwords of millions of Dropbox users. While Dropbox earlier then assured customers that no customer details were compromised, it seems that they were severely mistaken.
According to a report originating from MotherBoard and later corroborated independently by security researcher Troy Hunt, the legitimate user accounts and passwords of several million Dropbox users from that earlier leak have now been posted on the internet for hackers and other entities to use at their whim.
From the initial report, Motherboard states that it “obtained a selection of files containing email addresses and hashed passwords for the Dropbox users through sources in the database trading community. In all, the four files total in at around 5GB, and contain details on 68,680,741 accounts. The data is legitimate, according to a senior Dropbox employee”
This comes this week after Dropbox initiated a forced user password reset for a selection of users it believed to have been caught in the dragnet years ago. That being said, the firm has stated that it ~”has seen no evidence of malicious access” on these accounts, so affected accounts are likely still safe.
The sensible thing to do in this case clearly is to reset your password. Several of Dropbox’s users are present on Windows, and may have sensitive files that are now vulnerable to being hacked.
Users also share their usernames and passwords between services, so those who get caught in this hack should ensure to get their details changed if they share it with other apps and services.
If you suspect your account may have been hacked, have received a notification that your account has been hacked or just want some peace of mind – check out this link to learn how to reset your password on Dropbox, and ensure that linked accounts are changed.