Security News Dropbox Resetting User Passwords, But Says No Breach Has Occurred

frogboy

In memoriam 1961-2018
Thread author
Verified
Top Poster
Well-known
Jun 9, 2013
6,720
Online storage platform Dropbox is resetting user passwords that have not been changed since 2012, the company has announced. The move is a precautionary step rather than the result of a new security incident.

In a blog post outlining the move, Patrick Heim, head of trust & security, said any user that opened an account before the middle of 2012 and had not changed the password since then would be asked to do so next time they log in.

“We’re doing this purely as a preventive measure, and there is no indication that your account has been improperly accessed,” the blog said.

All this stems from the problem of password reuse—where a user picks the same password for multiple websites or services. Back in 2012, Dropbox revealed that a security breach at the company had occurred when a number of user accounts were accessed, using credentials stolen from another website, possibly LinkedIn or even the MySpace hack.

One of the accessed accounts belonged to a Dropbox employee, whose account contained a document that listed user email addresses. These email addresses were stolen and subsequently targeted by spam emails.

Now it seems that the company is concerned credentials stolen in those breaches could be used to access those Dropbox accounts that have not changed passwords since 2012.

Password reuse is one of the most common way hackers gain access to user accounts. Once an email address and password are stolen from one service, the hacker will try the same combination on other websites, often with success. Making sure passwords are unique and regularly changing is one good step to take to improve your online security

Full Article. Dropbox Resetting User Passwords, But Says No Breach Has Occurred
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top