Latest in Gear

Image credit:

Dropbox hacker stole 70 million log-ins in 2012

Who knew that 2012 breach was this massive?
829 Shares
Share
Tweet
Share
Save

Sponsored Links

Back in 2012, Dropbox admitted someone hacked into the cloud storage service and stole log-in details, but it didn't reveal the extent of the breach. Well, apparently, it was a huge one. Motherboard has obtained a number of files containing 60 million username and password combinations that came from that incident. A senior Dropbox employee who chose to remain anonymous confirmed the files' contents to the publication. Microsoft Regional Director Troy Hunt verified the details by finding his and his wife's log-ins in the mix, as well.

Since Dropbox sent out password resets last week to users who signed up before 2012 and haven't changed their log-in details since, it's not hard to believe that the files are legit. The company mentioned in the help center entry about the resets that it doesn't believe any of the accounts were improperly accessed. While there's no way to prove that, Motherboard's and Hunt's findings support that claim.

All of the passwords in the list are salted and encrypted, though only 32 million are protected by a strong algorithm called bcrypt. The other half uses an older, weaker algorithm called SHA-1. It doesn't look like the files are being sold on the dark web yet. But to be safe, it's best to change your Dropbox passwords and activate two-factor authentication when you can.

Update: We updated Troy Hunt's information. He's not an employee but part of Microsoft's Regional Director Program. [Thanks, Keith]

Source: Motherboard
Coverage: Troy Hunt
All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
829 Shares
Share
Tweet
Share
Save

Popular on Engadget

Engadget's Guide to Privacy

Engadget's Guide to Privacy

View
iPad Pro leak suggests tablet photography just won’t die

iPad Pro leak suggests tablet photography just won’t die

View
Apple's latest AirPods and wireless charging case are $30 off on Amazon

Apple's latest AirPods and wireless charging case are $30 off on Amazon

View
Google Fi now offers an unlimited plan

Google Fi now offers an unlimited plan

View
Get a glimpse of SpaceX's orbital Starship prototype under construction

Get a glimpse of SpaceX's orbital Starship prototype under construction

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr