Dropbox data breach: 68 million user account details leaked
FOX NEWS - Four years after a data breach at cloud storage service Dropbox, details of more than 68 million user accounts have reportedly been leaked. Tech website Motherboard reported Tuesday that it obtained files containing the account details from sources in the database trading community and breach notification service Leakbase. The files contain email addresses and “hashed” passwords, which use an algorithm to protect the passwords, it said.
It was not previously known how many users were affected by the 2012 hack, according to Motherboard, which says that the leaked data does not appear to be posted on the dark web. A senior Dropbox employee told Motherboard that the data is legitimate. The data dump was also verified by security researcher Troy Hunt.
“This is not a new security incident, and there is no indication that Dropbox user accounts have been improperly accessed,” said Patrick Heim, Dropbox’s head of trust and security, in a statement emailed to FoxNews.com. “Our analysis confirms that the credentials are user email addresses with hashed and salted passwords that were obtained prior to mid-2012.”
“Salted” passwords use random data as an additional layer of protection. Dropbox recently launched a major password reset, prior to the dumped data becoming public.
“We can confirm that the scope of the password reset we completed last week did protect all impacted users,” Heim said. “Even if these passwords are cracked, the password reset means they can’t be used to access Dropbox accounts.”