|
Title: Dropbox: Change your passwords Post by: Hawkbit on October 13, 2014, 09:14:41 PM Not sure of the extent, but better to be safe than sorry until the truth comes out.
http://thenextweb.com/apps/2014/10/14/dropbox-passwords-leak-online-alleged-hack/ https://news.ycombinator.com/item?id=8451703 Title: Re: Dropbox: Change your passwords Post by: Hawkbit on October 13, 2014, 09:17:14 PM Also: https://twitter.com/SwiftOnSecurity
Title: Re: Dropbox: Change your passwords Post by: Trippy on October 13, 2014, 09:44:29 PM It's unlikely Dropbox itself was hacked, though I am somewhat suspicious of them since I get spammed on one of my email accounts that I only use for Dropbox. More likely these are accounts that were hacked from other sources earlier and have now been confirmed to share the same login info as Dropbox accounts. Dropbox is resetting these accounts as fast as they are being posted so they are definitely watching what's being publicly released.
Title: Re: Dropbox: Change your passwords Post by: Trippy on October 13, 2014, 10:55:11 PM Dropbox's reponse:
https://blog.dropbox.com/2014/10/dropbox-wasnt-hacked/ Quote Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens. Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on your account. Title: Re: Dropbox: Change your passwords Post by: apocrypha on October 14, 2014, 01:07:06 AM <Insert obligatory exhortation to use LastPass or similar, and to use it properly>.
Title: Re: Dropbox: Change your passwords Post by: Merusk on October 14, 2014, 05:16:21 AM Last pass wouldn't matter. There's plenty of apps that now login to Dropbox to facilitate file sharing. All of them are a vulnerable point for Dropbox and you can only hope they're encrypting the info.
Past history of data and software haning gives good odds they aren't. Title: Re: Dropbox: Change your passwords Post by: Morfiend on October 14, 2014, 06:17:09 PM When I went to change my dropbox password, it wouldnt let me log in because I have two-factor turned on, and it seemed unable to text me, even though the number was correct. I got around this by going to my app and selecting account, this got me right in. :awesome_for_real:
Title: Re: Dropbox: Change your passwords Post by: KallDrexx on October 14, 2014, 06:57:37 PM Last pass wouldn't matter. There's plenty of apps that now login to Dropbox to facilitate file sharing. All of them are a vulnerable point for Dropbox and you can only hope they're encrypting the info. Past history of data and software haning gives good odds they aren't. It's like you didn't even read what has been posted, especially with dropbox's response. Lastpass would have mattered because users dropbox's passwords would not have been the same as services that were compromised, and thus if they got your password to another service it would be useless for accessing your google account. Also, if you are entering your drop box password into third party apps directly, then that's your bad. Dropbox uses oauth, which means the native app should never get your username or password. Title: Re: Dropbox: Change your passwords Post by: Tebonas on October 16, 2014, 02:50:32 AM Dropbox has Two-Step verification anyway. Another good reason to use it.
|