After Dropbox forced a password reset on any user who hadn't changed their login credentials since mid-2012 -- due to a hack faced by the company that year -- new information has surfaced recently detailing the extent of the user data leak.

According to a collection of files obtained by Motherboard, containing the email addresses and hashed passwords of the affected user base, a total of 68,680,741 Dropbox accounts were successfully targeted during the 2012 hack. When Dropbox announced it was going through with the preventative password reset measure last week, the company didn't give any hint as to the extent of the users touched by the four-year-old hack.

dropbox_logo
The "incident," as Dropbox refers to it, was a data breach in the summer of 2012 where a few users began reporting spam sent to email addresses connected to a Dropbox account. Due to a password hack connected to other websites, hackers were able to sign in to "a small number" of Dropbox accounts, including an employee's who had access to a document listing an array of user email addresses.

Dropbox is confident its message to users last week has covered "all potentially impacted users," and the company is encouraging users to still reset passwords on other services that have the same login information, particularly passwords, previously used for Dropbox.

“We've confirmed that the proactive password reset we completed last week covered all potentially impacted users," said Patrick Heim, Head of Trust and Security for Dropbox. "We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”

As Motherboard discovered, nearly 32 million of the affected accounts were secured with the strong hashing function bcrypt, "meaning it is unlikely that hackers will be able to obtain many of the users' actual passwords." The other half of the passwords had a slightly less secure SHA-1 aging algorithm and were salted with a random string of characters to further strengthen them. Since 2012, Dropbox has changed up this password and account hashing process several times in attempt to make sure every user remains secure.

Motherboard confirmed that none of the four files, which total 5GB of collected user login data, appear to be anywhere on the dark web. Also, given Dropbox's aggressive measures taken in the past week, their value will continue to "diminish" over time.

Tag: Dropbox

Top Rated Comments

wizard Avatar
62 months ago
Anybody that thinks online storage will ever be secure is nuts in my mind. Eventually every service will fall to hacking. If you have important dats either encrypt it or keep it off line.
Score: 3 Votes (Like | Disagree)
coolfactor Avatar
62 months ago
What the heck was a Dropbox employee doing with a file containing the login details for 68 million Dropbox users?
Score: 3 Votes (Like | Disagree)
technopimp Avatar
62 months ago
Can someone tell me where I can find "the Dark Web"?
If you have to ask...
Score: 1 Votes (Like | Disagree)
SandboxGeneral Avatar
62 months ago
I haven't yet to date received any spam that was associated with this hack - at least that I know of. I get a few spam emails now and then, but the junk filter gets them. As for the data I stored in Dropbox, it was all protected inside an encrypted container I made so even if my stuff was taken, there wasn't any way anyone could get to it.
Score: 1 Votes (Like | Disagree)
ArtOfWarfare Avatar
62 months ago
What the heck was a Dropbox employee doing with a file containing the login details for 68 million Dropbox users?
Selling it.

Seriously though, I was wondering that exact same thing. I've had access at various companies to download login details, but I've never done that, because why would I?

I feel like the biggest vulnerability at every company that has any user credentials is always a rouge employee.

Anyways - I changed the email account that was connected to my Dropbox account in 2014... does that immediately mean I don't need to worry about anything? (I originally signed up using my college email address, but when I graduated, I stopped using that address and also changed everything that I had previously associated with it another address.)
Score: 1 Votes (Like | Disagree)
Shirasaki Avatar
62 months ago
Sweet. I received three notices. Thank God I had forgotten I tried it. There's something to say about parking your data at companies who do not even tell you the truth when a fallout happens. Bye Dropbox.
It is human nature to try to cover issues, regardless of scale, before anyone knows it. This Applies on individual, company, and to a greater extent, nations.

If the leak of user data only affects 68 users, not 68m users, we would not even see any media reporting this 68 users data leak.
Score: 1 Votes (Like | Disagree)

Top Stories

apple music change forever

Apple Music Teaser: 'Get Ready – Music is About to Change Forever'

Sunday May 16, 2021 2:39 pm PDT by
The Browse tab in the Music app across Apple's platforms has started displaying a prominent teaser hinting at an upcoming major announcement for Apple Music. Under the heading "Coming soon," the headline says "Get ready – music is about to change forever." An accompanying "Tune-In Video" simply shows an animated Apple Music logo. Rumors have indicated that Apple is preparing to launch a...
m1 ipad pro early customer

M1 iPad Pro Arrives Early for Lucky Customer

Saturday May 15, 2021 11:57 pm PDT by
Days ahead of their expected launch and seemingly before official review embargoes lift, one lucky customer has already gotten their hands on the brand new 12.9-inch M1 iPad Pro. Reddit User PeterDragon50 Posted on Reddit, u/PeterDragon50 has already received their 12.9-inch iPad Pro through retailer Nebraska Furniture Mart. The Reddit user says they placed their order when pre-orders...
AirPods Lineup Not Lossless Feature

AirPods, AirPods Max and AirPods Pro Don't Support Apple Music Lossless Audio

Monday May 17, 2021 10:44 am PDT by
Apple today announced that starting in June, Apple Music songs will be available to stream in Lossless and Hi-Resolution Lossless formats, but lossless audio won't be supported on the AirPods, AirPods Max, or AirPods Pro. Apple's Lossless Audio is encoded as Apple Lossless Audio Codec files, with lossless quality ranging from 16-bit 44.1 kHz playback to 24-bit 48 kHz playback and Hi-Res...
apple music spatial audio

Apple Music Launching Spatial Audio With Dolby Atmos and Lossless Audio in June at No Extra Cost

Monday May 17, 2021 6:06 am PDT by
Apple today announced that Apple Music will be gaining support for Spatial Audio with Dolby Atmos at no additional cost starting in June. At launch, Apple Music subscribers will have access to thousands of songs in Spatial Audio from artists like J Balvin, Gustavo Dudamel, Ariana Grande, Maroon 5, Kacey Musgraves, The Weeknd, and many others. Apple says this feature will provide a...
M2 MacBook Pros 10 Core Summer Feature

Redesigned MacBook Pro Models With 10-Core Apple Silicon Chip Said to Launch as Early as This Summer

Tuesday May 18, 2021 5:39 am PDT by
Apple plans to launch new 14-inch and 16-inch MacBook Pro models with an improved iteration of the M1 chip as early as this summer, according to Bloomberg's Mark Gurman. The new chip is said to include a 10-core CPU with eight high-performance cores and two energy-efficient cores, with 16-core or 32-core GPU options. Gurman said the next-generation Apple silicon chip will also support up to...
imac 2021 box

Apple's New 24-Inch iMac Shown Off in Early Unboxing

Monday May 17, 2021 8:18 pm PDT by
Update: The early unboxing video was taken down, but other unboxing and first impression videos are now available. The new 24-inch iMac doesn't officially launch until this Friday, May 21, but an early unboxing of the machine has been shared on YouTube. The iMac unboxing video was made private subsequent to this story. The video from Gadget Guy is in Cantonese, but it offers an up-close...
apple music logo

Apple Music Teaser References 'Hi-Res Lossless' and 'Dolby Atmos'

Sunday May 16, 2021 4:04 pm PDT by
Earlier today, Apple Music began teasing a special announcement with the tagline "Get Ready – Music is About to Change Forever." This teaser comes amid a rumor that Apple is preparing to announce the third-generation AirPods alongside a HiFi, or lossless audio streaming tier for Apple Music on Tuesday, May 18. Now, references to "Apple Lossless," "Free Lossless," "Hi-Res Lossless," and...
Beats Studio Buds feature 3

New 'Beats Studio Buds' Revealed in iOS and tvOS 14.6

Monday May 17, 2021 11:10 am PDT by
Apple is working on new wire-free in-ear Beats-branded earbuds, according to images in the tvOS 14.6 and iOS 14.6 betas that were found by MacRumors contributor Steve Moser. The Beats Studio Buds are unlike any prior Beats headphones that Apple has released as there is no ear wrap as with the Powerbeats Pro or a wire like the Powerbeats. The Beats Studio Buds are tiny in design and are...
iPhone Hi Fi Apple Music Feature

Apple Music Gaining Spatial Audio and Lossless Audio in iOS 14.6, Not All Tracks Supported at Launch

Monday May 17, 2021 8:29 am PDT by
Apple Music's incoming Spatial Audio with Dolby Atmos and Lossless Audio features will be available in June on devices running iOS 14.6, iPadOS 14.6, macOS 11.4, and tvOS 14.6 or later, according to Apple. Apple said thousands of tracks will be available in Spatial Audio with Dolby Atmos at no additional cost, with more added regularly. Already available on the AirPods Pro, Apple describes...
AirPods Lineup Feature Triad

Apple Music Dolby Atmos Compatible With All AirPods Models and Other Headphones

Monday May 17, 2021 6:54 am PDT by
Apple today announced that starting in June, Apple Music subscribers will have access to higher quality Lossless audio streaming, as well as Dolby Atmos, which replicates an immersive audio experience. Despite Spatial Audio for movies and TV shows being only available on the AirPods Pro and AirPods Max, Dolby Atmos for Apple Music, which Apple describes as creating an "immersive audio format ...