Millions of Dropbox passwords were leaked, giving us another reason not to reuse passwords

Source: AP
Source: AP

In 2012, hackers stole over 60 million account details for Dropbox, Motherboard reported, and on Wednesday, independent security researcher Troy Hunt verified that over 68 million users' emails and passwords have been dumped online — including his and his wife's. 

"There is no doubt whatsoever that the data breach contains legitimate Dropbox passwords, you simply can't fabricate this sort of thing," Hunt said in a post

Since the data dumped was from a 2012 breach, Dropbox users who have changed their passwords since then aren't vulnerable to the hack. Dropbox notified all of its users last week of the security issue, informing them that it was forcing passwords resets, Motherboard reported. But if you are in the habit of reusing the same password across different accounts (don't do that), you should change your other passwords that are identical to the one you used that may have been dumped courtesy of the 2012 Dropbox breach.  

"We've confirmed that the proactive password reset we completed last week covered all potentially impacted users," Patrick Heim, Dropbox's head of trust and security, told Motherboard. "We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can't be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password."

The 2012 Dropbox breach seems to be a result of the aforementioned bad habit — a Dropbox employee used the same password for his LinkedIn and Dropbox account, and following a breach into the LinkedIn network, a hacker was able to use their password to get into Dropbox's network, the Guardian reported.

As a user, you should make sure your passwords across different services are all complex and different from one another — and while password managers have been touted as great tools to help securely store your cache of complex passwords, as the Guardian notes, not even password managers are safe. Hope you've got a remarkable memory.

How likely are you to make Mic your go-to news source?

Melanie Ehrenkranz

Melanie is a writer covering technology and the future. She can be reached at melanie@mic.com.

MORE FROM

Twin bombings in Pakistan market kill at least 15

This story is breaking.

Federal judge blocks deportations of Iraqi Christians

The ACLU celebrated the decision as a "life-saving action" temporarily keeping Chaldean Christians from facing religious persecution in Iraq.

Johnny Depp jokes about assassinating Donald Trump

"It's been a while," Depp said, "and maybe it's time."

Trump says he finds special counsel Mueller's relationship with James Comey "bothersome"

Trump says "virtually everybody agrees" that there's been no collusion or obstruction of justice.

'Hot Mic' podcast: GOP Senate health care, Comey tapes, 2016 election data stolen

The important stories to get you caught up for Friday

Watchdog groups sue Trump for deleting tweets, allegedly violating Presidential Records Act

Trump's deleted tweets may come back to haunt him.

Twin bombings in Pakistan market kill at least 15

This story is breaking.

Federal judge blocks deportations of Iraqi Christians

The ACLU celebrated the decision as a "life-saving action" temporarily keeping Chaldean Christians from facing religious persecution in Iraq.

Johnny Depp jokes about assassinating Donald Trump

"It's been a while," Depp said, "and maybe it's time."

Trump says he finds special counsel Mueller's relationship with James Comey "bothersome"

Trump says "virtually everybody agrees" that there's been no collusion or obstruction of justice.

'Hot Mic' podcast: GOP Senate health care, Comey tapes, 2016 election data stolen

The important stories to get you caught up for Friday

Watchdog groups sue Trump for deleting tweets, allegedly violating Presidential Records Act

Trump's deleted tweets may come back to haunt him.