DropBox Security Breach

Started by namida, September 07, 2016, 12:32:14 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

namida

https://blog.avast.com/2012-dropbox-breach-strikes-again-dumps-68-million-passwords-online

You may want to consider changing your Dropbox password and any other sites you've used the same one on. It appears this isn't a new hack; rather it's more information being leaked from the old one (so I'd think most security-concious people would already have taken action a long time ago if potentially affected), but thought I'd bring it up just in case since a lot of people here use Dropbox.
My projects
2D Lemmings: NeoLemmix (engine) | Lemmings Plus Series (level packs) | Doomsday Lemmings (level pack)
3D Lemmings: Loap (engine) | L3DEdit (level / graphics editor) | L3DUtils (replay / etc utility) | Lemmings Plus 3D (level pack)
Non-Lemmings: Commander Keen: Galaxy Reimagined (a Commander Keen fangame)

mobius

thanks for the info. I think I heard about this, but like you said it was a long time ago? ???

In any case; I'm not too worried about my Drop box as I don't keep anything of monetary value in there or anything that can be "stolen".
everything by me: https://www.lemmingsforums.net/index.php?topic=5982.msg96035#msg96035

"Not knowing how near the truth is, we seek it far away."
-Hakuin Ekaku

"I have seen a heap of trouble in my life, and most of it has never come to pass" - Mark Twain


ccexplore

Quote from: möbius on September 07, 2016, 11:29:45 PMthanks for the info. I think I heard about this, but like you said it was a long time ago? ???

The attack happened in 2012, but only recently did they find out the full extent of what was stolen (because the bad guys basically revealed it online).  Based on the blog post, it sounded like originally they thought only email addresses were obtained, but in fact password-related data were also obtained.

Quote from: möbius on September 07, 2016, 11:29:45 PMIn any case; I'm not too worried about my Drop box as I don't keep anything of monetary value in there or anything that can be "stolen".

The main issue is that someone could crack your Dropbox account password using the stolen data (note: it is unclear from the blog post how easy or hard this is), and if you happen to reuse the same password in multiple places (sadly not uncommon amongst your average users), all those other accounts could then become vulnerable as well.  For example, if you use the same Dropbox password for your online banking account, the bad guys now potentially could gain access to that through reverse-engineering the Dropbox password from the stolen data.

Basically if you use the same Dropbox password anywhere else, you should go change the passwords to all those places as well, especially for any accounts with things of value.