Over 60 million users were compromised in a Dropbox hack in 2012

Share on facebook
Share on twitter
Share on linkedin
Share on email

Four years ago, Dropbox was breached  by hackers but little was known about the extent of the hack.

This week Motherboard reported that the hack was far worse than anybody could have expected. In total 68 680 741 accounts were compromised in the 2012 hack and the information gleaned from the hack includes email addresses and hashed passwords.

The information is currently for sale in database trading communities, and a Dropbox employee confirmed to Motherboard that the data is legitimate.

The passwords obtained are secured with both bcrypt and SHA-1 hashing with salt (a random character string added to the password) which should make them harder to crack.

We say harder, not impossible and for that reason Dropbox has forced a password reset on users that might have been impacted by the breach.

“We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password,” said Dropbox head of trust and security, Patrick Heim.

To further secure your accounts we also suggest activating two-factor authentication as an extra precaution. Especially if you think you once, possibly, maybe, perhaps used your Dropbox password from 2012 for another service.

[Via – Motherboard] [Image – CC BY 2.0 Ian Lamont]


Brendyn Lotz

Brendyn Lotz

Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.


[mailpoet_form id="1"]