The 2012 Mega Hack at Dropbox Involved Data of Over 60m Accounts

Dropbox has revealed that an enormous amount of credentials belonging to its users that was stolen during 2012 is moving across the shady Web; however, the actual database may've been far more compared to what was originally assumed.

Motherboard first reported and TechCrunch sources confirmed that hackers took credentials related to over 60m accounts. The disclosure about certain password hack occurring with Dropbox shows how the company's position evolved from the 2012 happening. Earlier it stated that only clients' electronic mails were stolen.

Motherboard acquired four selected files consisting of hashed passwords and e-mail ids associated with Dropbox consumers, from sources within community that trades databases. Together, the selected files are sized some 5GB, while they consist of records of 68,680,741 accounts. Apparently, the data is authentic.

Dropbox declared that it had asked several of its consumers to necessarily reset their passwords in light of some account credentials that were stolen during the 2012 hack. The organization didn't release the exact count of password changes, a deliberate move, it said. Motherboard.vice.com posted this August 30, 2016.

Motherboard reports that irrespective of the Dropbox database not obtainable on the shady web forums, still seemingly it's getting circulated amidst people who hoard data.

Dropbox, to secure its users' passwords, has started practicing fresh password hashing methods since 2012.

Speaking to TechCrunch, Chief of Trust and Security Patrick Heim at Dropbox said his organization had adopted measures for making sure its employees do not use the same passwords for their different corporate A/Cs. Dropbox has licensed 1Password the company's service for password management to benefit its employees as a way for encouraging them to set strong passwords that are simultaneously unique. There is also the need for 2F-authentication with regard to every internal system of Dropbox, Heim stated.

Meanwhile, considering the advanced age of the stolen data, the intricate algorithm of password hashing and precautionary measures of Dropbox, along with the user particulars' availability in shortage during the theft, Dropbox's opinion reverberates that of LeakedSource that there's really no utility of the data that got exposed and will also yield no profit when tried to sell.

» SPAMfighter News - 9/5/2016