According to Dropbox, the supposed hack of the cloud storage service--which was reported yesterday to have leaked several hundred emails and passwords--was not a breach of the company itself, but of other services.
Watch Remastered, 1080p Halo: Combat Evolved Footage From The MCC
To be clear, the real login information of about 400 users was definitely posted online (specifically, on Pastebin), but Dropbox explained in a blog post that it is not responsible for the leak. The company stated that login info was stolen from other web services, such as email accounts, and the hackers (occasionally successfully) used it to access Dropbox accounts.
Destiny Hotfix 1.0.2.2 Reduces Auto Rifle Power, Fixes Skills
"Recent news articles claiming that Dropbox was hacked aren't true," the post reads. "Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.
"Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services."
Using the same password across multiple services is a risky move, though one that I'm sure many of us do every day. One leak can compromise all of your accounts, which is what Dropbox claimed has occurred in this instance--the bottom of the post states that none of the logins posted online match Dropbox accounts.
This also serves as a reminder to update your passwords: I know it's a pain, but the longer a password stays the same, the more likely it is to be compromised. In addition, the two-step verification process for logging on (which will also send you an email or text request when an account is access) is offered by many services such as Dropbox and Gmail, and should be taken advantage of. The hackers in this instance claim to have millions of additional passwords and emails, but it remains to be seen both if that's true, and if the information is up to date.
