We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 - 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Updated 8:30pm Pacific with Dropbox’s response.
Hundreds of alleged usernames and passwords for Dropbox have been published on Pastebin, an anonymous information-sharing site.
The apparent hackers claim to have nabbed 6,937,081 passwords and today published a “teaser” of 400 username-password pairs. They requested donations in Bitcoin and promised to release more passwords based on how much of the virtual currency they receive. The usernames appeared in alphabetical order starting with email@example.com and ending with firstname.lastname@example.org.
Dropbox, however, says the hack is bogus. The company offered VentureBeat this response to our inquiry:
Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.
Subsequently, two more “teasers” appeared on Pastebin.
A Reddit thread first mentioned the apparent leak about three hours ago. The Reddit user who first submitted the link later said that usernames and passwords in the file actually did work.
Dropbox posted a warning against phishing scams on October 9.
While this hack may not be legitimate, and even though Dropbox says it expired most of these passwords long ago, the fact that someone on Reddit is claiming that the passwords do work is cause for concern.
It’s probably a good idea to change your password just to be safe — especially if you use the same password on multiple sites — and enable two-factor authentication, which Dropbox now supports.
Via The Next Web
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.