Dropbox hack leads to dumping of 68m user passwords on the internet | Technology | The Guardian

https://www.theguardian.com/technology/2016/aug/31/dropbox-hack-passwords-68m-data-breach

If you still use the same password as in 2012 still in Dropbox or other service, then change it now or you can be soon in trouble. 

2 Comments

  1. Tomi Engdahl says:

    Hackers Stole Account Details for Over 60 Million Dropbox Users
    https://motherboard.vice.com/read/hackers-stole-over-60-million-dropbox-accounts

    Hackers have stolen over 60 million account details for online cloud storage platform Dropbox. Although the accounts were stolen during a previously disclosed breach, and Dropbox says it has already forced password resets, it was not known how many users had been affected, and only now is the true extent of the hack coming to light.

    Motherboard obtained a selection of files containing email addresses and hashed passwords for the Dropbox users through sources in the database trading community. In all, the four files total in at around 5GB, and contain details on 68,680,741 accounts. The data is legitimate, according to a senior Dropbox employee.

    Earlier this week, Dropbox announced it was forcing password resets for a number of users after discovering a set of account details linked to a 2012 breach. The company did not publish an exact figure on the number of resets

    A spokesperson told Motherboard that Dropbox has seen no evidence of malicious access of these accounts.

    Nearly 32 million of the passwords are secured with the strong hashing function bcrypt, meaning it is unlikely that hackers will be able to obtain many of the users’ actual passwords. The rest of the passwords are hashed with what appears to be SHA-1, another, aging algorithm.

    Reply
  2. Tomi Engdahl says:

    After Breaches At Other Services, Spotify Is Resetting Users’ Passwords
    https://it.slashdot.org/story/16/08/31/1847227/after-breaches-at-other-services-spotify-is-resetting-users-passwords

    And now, Spotify is asking its users to reset their passwords. The popular music streaming service is “actively resetting a number of users’ passwords,” Motherboard reports, adding that the company is doing this because of the data breaches at other services and websites.

    After Breaches At Other Services, Spotify Is Resetting Users’ Passwords
    http://motherboard.vice.com/read/spotify-passwords-reset-security-precaution

    Popular music streaming service Spotify is actively resetting a number of users’ passwords. The company claims this is in response to data breaches of other websites, implying that the problem may be customers reusing passwords.

    “To protect your Spotify account, we’ve reset your password. This is because we believe it may have been compromised during a leak on another service with which you use the same password,” an email sent to a user on Wednesday reads.

    “Don’t worry! This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure,” it continues.

    On Wednesday, Motherboard broke the news that a 2012 hack of Dropbox had exposed some 68 million email addresses and hashed passwords. This summer, the public learned of huge hacks of Myspace, LinkedIn, VK.com.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*