Dropbox Claims It Wasn’t Hacked

First news emerged that Dropbox was hacked, then came the headlines saying that it wasnEUt. Early Tuesday morning headlines suggested nearly 7 million passwords for the cloud storage site were stolen. Tuesday afternoon headlines told a different story.

Which stories are accurate? According to Dropbox, recent news articles claiming that Dropbox was hacked arenEUt true. But those accounts could just as easily have been accurate, given all the mega breaches weEUve read about lately.

EUYour stuff is safe,EU Anton Mityagin, who works on the security team at Dropbox, said in a blog post. EUThe usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox.EU

DonEUt Reuse Passwords

So, if Dropbox wasnEUt hacked, what was? If any site was even hacked remains to be seen, but MityaginEUs next statement suggests some accurate password breach headlines could soon hit the news sites.

EUAttackers then used these stolen credentials to try to log in to sites across the Internet, including Dropbox,EU Mityagin said. EUWe have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.EU

After Mityagin created his original post, stories about the purported hack continued to surface, leaving Dropbox to fight off rumors about its service. WhatEUs more, Mityagin noted that a subsequent list of usernames and passwords had been posted online. But the security team also checked into that list and determined none of them are associated with Dropbox accounts.

EUAttacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services,EU Mityagin said. EUFor an added layer of security, we always recommend enabling two-step verification on your account.EU

Should You Forget Your Password?

This time around it was a false alarm at Dropbox but, again, these sorts of password breaches happen regularly. Joe Siegrist, CEO and co-founder of password management...

Comments are closed.