Dropbox claims password 'leaks' not due to hack
Dropbox has denied a recent leak of hundreds of usernames and passwords was down to hackers
Dropbox has assured users it has not been hacked, despite the recent leaking of hundreds of usernames and passwords on text-sharing site Pastebin.
The alleged user details have been posted within three documents on the anonymous website, and the person behind the account in question claims to have hacked into around seven million accounts through a third-party service in order to retrieve and share the data.
To fund their efforts, the hacker' has asked for Bitcoin donations.
"We will keep releasing more to the public as donations come in, show your support," the user wrote on Pastebin.
As reported by The Next Web, a number of the examples posted had already expired: "Dropbox has not been hacked," the company told the site.
Further responding to the incident, a spokesperson for Dropbox said: "These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts.
"We'd previously detected these attacks, and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well."
Dropbox assured worried users that it resets passwords on accounts thought to be affected by suspicious activity,' and did so a number of months ago.
Edward Snowden recently urged security-conscious users to steer clear of services such as Dropbox, after previously calling it "hostile to privacy."
-
SecurityHQ names Aaron Hambleton as product and services chiefNews Industry veteran will lead product and service innovation across the provider's cybersecurity portfolio
-
Cisco teams up with DSIT to drive digital skills adoptionNews Partnership supports the government's TechFirst program to provide one million secondary school students with access to digital learning experiences
-
Dashlane lifts the lid on attack that saw hackers download encrypted user vaultsNews The company said it has now informed all affected customers, and taken action to shut down the operation
-
The NCSC says it’s time to switch to passkeysNews UK security organization calls for companies to step up and offer more secure ways to login
-
AI agents are creating new identity security risks: 1Password wants to solve thatNews The Unified Access system from 1Password will help enterprises manage AI agent access across different devices and users
-
Using AI to generate passwords is a terrible idea, experts warnNews Researchers have warned the use of AI-generated passwords puts users and businesses at risk
-
Researchers called on LastPass, Dashlane, and Bitwarden to up defenses after severe flaws put 60 million users at risk – here’s how each company respondedNews Analysts at ETH Zurich called for cryptographic standard improvements after a host of password managers were found lacking
-
Thousands of exposed civil servant passwords are up for grabs onlineNews While the password security failures are concerning, they pale in comparison to other nations
-
Gen Z has a cyber hygiene problemNews A new survey shows Gen Z is far less concerned about cybersecurity than older generations
-
Passwords are a problem: why device-bound passkeys can be the future of secure authenticationIndustry insights AI-driven cyberthreats demand a passwordless future…
