Strategic Group Blog

Everything you need to know about IT and technology

Written by Emily Gam
on September 01, 2016

Hackers have stolen over 60 million account details, including passwords from Dropbox. This hack actually happened four years ago but details are only now coming to light.

Tech website Motherboard reported Wednesday that it obtained files containing the account details from sources in the database trading community and breach notification service Leakbase. The files contain email addresses and “hashed” passwords, which use an algorithm to protect the passwords, it said.

The hackers gained access to Dropbox from an earlier attack on LinkedIn, where account details were stolen. The problem for Dropbox was that employees were using the same passwords across multiple sites, meaning that once hackers gained the master key, it could unlock every door.

We’ve mentioned the dangers of reusing passwords before, and this Dropbox attack highlights exactly why it’s a bad idea.

Dropbox have already taken care of the problem, resetting all passwords so no users are currently in danger. The problem however is how long it took Dropbox to acknowledge that passwords had been stolen.

“Our analysis confirms that the credentials are user email addresses with hashed and salted passwords that were obtained prior to mid-2012,” Said Patrick Heim, Head of Trust and Security at Dropbox.

“Salted” passwords use random data as an additional layer of protection.

Dropbox recently launched a major password reset, prior to the dumped data becoming public.

“We can confirm that the scope of the password reset we completed last week did protect all impacted users,” Heim said.

“Even if these passwords are cracked, the password reset means they can’t be used to access Dropbox accounts.”

These type of hacks highlight the difference between using Cloud Applications and Cloud Platforms, remember a good cloud platform will keep your data safe and include multiple data backup centres.

Again, this shows the need for your data to be secure and to have a Disaster Recovery Plan in place if everything goes wrong. As demonstrated by this latest hack, it doesn’t even to be your business that’s been the target of the attack, and if employees are reusing their passwords your business could be at risk.

Disaster Recovery Plan Template

  Disaster Recovery Plan

Let Us Know What You Thought about this Post.

Put your Comment Below.

You may also like:


Ransomware attacks increase 299% for 2018

Sonicwall have released their latest Cyber Threat Intelligence Report for the month of May and have already found a 299%...


What technology will shape the accounting industry?

With every new wave of technological advancement the accounting industry has seemed to embrace and grow from these chang...

News Tips

5 things you can do right now with technology to be more organised

We always start each day with good intentions, but by the time 5pm rolls around and it feels like we’ve been chasing our...