A massive Dropbox hack has led to the circulation of more than 68 million member usernames and passwords.
(CCM) — Dropbox is the latest victim of the large scale security breach trend, with millions of its users' logins having been stolen by hackers. The swipe weighs in at about 5 GB of data and contains details on 68,680,741 accounts, according to reports by Vice's technology publication, Motherboard. The actual theft occurred in 2012, but it was only recently that Dropbox forced a mass password reset to protect its users from unauthorized attempts to access their accounts. However, it was Motherboard — not Dropbox — on Wednesday that revealed just how far reaching the hacking actually was.
But there is a silver lining for fans of the cloud storage service. According to Motherboard, nearly 32 million of the included passwords are encrypted with the strong hashing function bcrypt, while the others appear to be hashed with SHA-1; all of the passwords appear to have used a salt (a random string added to the password hashing process). This means that the acquired login information is unlikely to be of any use to its recipient. Despite this and the password reset initiative, Dropbox urges proactive action for its users. "We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password," said Patrick Heim, Head of Trust and Security. A spokesperson for the company has said that it has not seen any evidence of malicious access to the affected accounts, and the data dump has not yet been detected on any sites on the dark web, where these sorts of dumps are usually sold.
Image: © Maxxa Satori - Shutterstock.com