If you use Dropbox, you might want to change your password immediately. A thread on an internet forum was discovered which linked to a site where hundreds of Dropbox login credentials were available in plain text. The hackers claimed to have more than 7 million passwords and asked for Bitcoin donations for more details.
In response, Dropbox has already disabled the passwords and put out a blog post which ensures users that their servers weren’t compromised. According to the company, the stolen details came from unrelated services and hackers simply tried to login across the web through those credentials and some of them worked on Dropbox. This is same explanation that Google gave recently when millions of Gmail accounts were exposed online.
Furthermore, the company stressed that it had checks in place that reset passwords on suspicious activity. However, it still raises the question of why some of those details worked. It is also not yet clear whether the rest of the 7 million login details are valid or not so we would suggest you change your password, just to be on the safe side.
The move caps off a bad week for the service with Edward Snowden suggesting that security aware individuals should get rid of Dropbox as it was one of the services that are ‘hostile to privacy’ and the discovery of a bug that ended up deleting files permanently from user accounts.
Attacks like these are the reason you should not use the same password for multiple websites. Needless to say despite what companies claim, the onus of your security is on you. Some tips to stay safe include using different passwords for sites, running security checks on your computer an antivirus and antimalware software regularly and being careful
There are multiple password generators like Norton’s Identity Safe and Secure Password Generator on the internet that can help you come up with a password when you are signing up for a new site. In addition, tools like LastPass and KeePass are ideal if you don’t like to remember all your login details and prefer a secure service to handle it for you. Lastly, many online services now provide two factor authentication which links your phone to your account and is a pretty much ironclad way to stay safe. Use these tools and services to stay safe!