68.6 million Dropbox accounts compromised in the 2012 data breach

By Mithun Mohandas | Published on 31 Aug 2016
HIGHLIGHTS

Change your password associated with Dropbox ASAP

68.6 million Dropbox accounts compromised in the 2012 data breach

Dell Vostro

Power New Possibilities | Dell PCs starting at Rs.35,990*

Click here to know more

Advertisements

Dropbox was the subject of a breach way back in 2012 and the online cloud storage company has vehemently denied the same for quite some time. Not much was known about the magnitude of the leak until recently. Earlier this week Dropbox forced password resets for accounts that were registered prior to mid-2012 as “purely a preventive measure”. Dropbox mentioned that they don’t believe that any account had been hacked. However, recent reports based on analysis of data dumps from the 2012 hack indicate that email IDs and passwords associated with Dropbox have indeed been hacked. And based on those very data dumps, it appears that 68,680,741 accounts had been compromised in the 2012 breach. 

Leakbase.pw, a website that notifies users about password leaks obtained four files totaling up to 5 GB which contained the credentials of all users affected by the 2012 breach.  Anonymous Dropbox officials have even confirmed that these files do indeed contain user data. Two of these files contain email addresses and bcrypt hashes and the other two contain email addresses and SHA1 hashes. 

Have I been hacked?

If you’d registered on Dropbox prior to mid-2012 then it’s quite probable that your data has been traded openly and whatever password was used is now known to many. Soon enough, you will have services like https://haveibeenpwned.com updating their databases with the breach data and you’ll be able to verify the same easily. Since the passwords of about 32 million accounts were encrypted using bcrypt algorithm, it’s safe to say that those accounts will be a lot more difficult to decrypt. But if you happen to be one of the many unlucky ones whose account passwords were encrypted using SHA1 algorithm then it’s best that you change your passwords as early as possible.

Dropbox has modified the way it hashes passwords since 2012 so hackers will have a lot tougher time decrypting passwords had there been any more breaches post 2012. Given the magnitude of the breach, Dropbox now ranks 6th in the list of the Top 10 breaches of all time.

logo
Mithun Mohandas

While not dishing out lethal doses of sarcasm, this curious creature can often be found tinkering with tech, playing 'vidya' games or exploring the darkest corners of the Internets. #PCMasterRace https://www.linkedin.com/in/mithunmohandas/

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status