Posts
If you haven't activated two-factor authentication
on Dropbox yet, you may want to do so now, just
in case you end up finding your credentials posted
on the internet. A document posted on pastebin
earlier contains 400 Dropbox usernames and
passwords, which the poster claims are just a tiny
fraction of a massive hack that compromises up to
7 million accounts. The poster has been asking for
Bitcoin donations in exchange for more accounts,
and by the looks of it, he got enough money, at
least, to post another batch of log-in credentials
within the same day. At the moment, it's still
unclear how the hacker(s) got a hold of the
usernames and passwords, but the cloud service
told Engadget that Dropbox itself has not been
hacked.
Update : Dropbox again stated that it has not been
hacked, this time in a blog post, and says security
measures are in place to detect accounts
compromised with log-in info stolen from other
sites.
"These usernames and passwords were
unfortunately stolen from other services and used
in attempts to log in to Dropbox accounts," a
spokesperson told us. "We'd previously detected these
attacks and the vast majority of the passwords
posted have been expired for some time now. All
other remaining passwords have been expired as
well." Still want to ensure your account's safety
anyway? Head over to the Dropbox's detailed
explanation on how to turn on two-step
authentication. Hopefully, when you log in to do
so, the service has also restored any file a recent
bug might have deleted from your folder.
No comments