Dropbox is in the news again, a thread has appeared on Reddit that offered around 400 Dropbox usernames and passwords. Dropbox has posted on its blog that the service wasn’t hacked and that the information was captured through third party services and not Dropbox itself.
The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens, the blog post stated.
The stolen data was posted with message saying: “Here is another batch of Hacked Dropbox accounts from the massive hack of 7,000,000 accounts. To see plenty more…….”
Dropbox has advised all users to change their passwords and enable two-factor authentication as an added security.
Full statement from Dropbox here.
