Another day, another major online hack of a website.
This time, it’s Dropbox which has come under attack from the hackers, with a reported 68 million usernames and passwords stolen.
According to Motherboard, the company’s systems were hacked back in 2012, forcing Dropbox to reset all user passwords on accounts that hadn’t changed them in the last four years.
The company said in a statement:
Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time.
If you haven’t changed your Dropbox password since mid-2012 though, there’s not too much cause for panic – as Dropbox forced a password reset on those accounts, the old version that hackers nicked won’t be of any use.
However, if you’re one of those people who uses the same email address and password combination on other websites, you’ll want to change them ASAP, in case the hackers fancy trying out the combinations on other services.
Patrick Heim, Head of Trust and Security for Dropbox added to Motherboard: “We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users.”
It’s not been a good year for online companies and hacking – this summer, hundreds of millions of records from sites including LinkedIn, MySpace and Tumblr were stolen, not to mention last year’s Ashley Madison hack.