Dropbox is defined as a personal cloud storage service that Is used for sharing files and multiple users working on the same file. It is very efficient as a professional backup and has always been of use for educational and business purposes. Dropbox is currently being used by millions of people and you would guess it is well protected to avoid any damage to the files that are protected on the service. However, that wasn’t the case and it was hacked!
Earlier in 2012, Dropbox had encountered an issue where one of it’s employees passwords were acquired and it was used to access a file with the email addresses of all the Dropbox users. However, what they covered up was that the hackers can use this information to access passwords of those users too.
The data breach includes more than 68 million accounts! Out of the 68 million, 32 million passwords are secured using ‘BCrypt’ which is challenging for the hackers as it will be difficult to overcome this strong hashing function. However, the rest (36 million accounts) are hashed with the SHA-1 hashing algorithm which wouldn’t be that much of a big deal. Furthermore, the password hashes are ‘Salt’ed which means it would add an extra layer of security which will make it harder for the hackers to crack them.
We would be soon finding the credentials obtained in the 2012 data breach on the Dark Web and hence, Dropbox has been actively trying to find a way around this. They have encouraged potential forced password resets and they have emailed all of it’s users of the current situation.
If you are an active Dropbox user, it would be wise of you to reset your password. Also if you are the kind of person to have the same password for all your accounts, then it would be good to use a password manager and secure your all your accounts with strong and different passwords.