Dropbox has been hacked, change your password immediatelyOctober 13, 2014 – 10:25 PM
If you use Dropbox, you need to change your password immediately as it looks like there has been a breach in the security. In a posting on Pastebin, which will not link to as it contains account data, the user claims to have nearly 7 million account user names and passwords. To prove that the information is real, 420 user names and passwords have been posted.
It looks like Dropbox has taken quick action as well and is now forcing everyone to change their password. If you attempt to use any of the combinations, it will tell you that your password has expired.
Neowin can confirm that some of the accounts were real and that this appears to be a legitimate breach in security as we have seen evidence of some of the account credentials leak authenticate to Dropbox’s servers.
While Dropbox has taken quick action, we know that many users have the same passwords on multiple sites. Because of this, it is best to keep all of your passwords site specific so that if there is a breach, you do not have to change every site. Further, any site that has two-factor authentication, it is a best practice to enable this functionality.
It goes without saying that this will hurt Dropbox’s reputation but it will also affect that entire industry too as some users are already nervous about giving other company’s the ability to store their content.
While we wait for Dropbox to issue a statement on the breach, all signs point to the fact that this could be a real exposure of user credentials which raises many new questions such as how do they get the information and why are the passwords in plain text?