Dropbox Hacked: Yet Another Argument for Better Encryption

BY:

Aug 31, 2016

You may have heard that 68 million Dropbox users were recently told by the company that they needed to change their passwords due to a general hack of their database. The hack occurred in 2012, but it was only after years of persistent rumors by Netizens and cybersecurity mavens that Dropbox finally came clean about the hack. Dropbox completed performing a forced password reset for 68 million people just last week. Dropbox is merely the latest Web-based startup or organization that has faced having many millions of their customers affected by a single data breach. 5GB of files were obtained by Motherboard via Leakbase, a data breach notification service. The hacked cache of files includes email addresses and hashed user passwords, but, interestingly, almost half (32 million) of the passwords are secured by bcrypt, a strong hashing function, leaving the rest hashed by the hashing algorithm known as SHA-1.

Encryption

Dropbox Speaks

Head of Trust and Security for Dropbox Patrick Heim told the world that his company had successfully completed the password reset process, and all affected users of his popular service were covered. Says Heim, “We initiated this reset as a precautionary measure, so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”

No Illegal Access?

According to a Dropbox spokesperson, the company has found no evidence that any Dropbox account was illegally accessed, although Tech News journal FossBytes reports that, “The Dropbox dump also hasn’t appeared on any major dark web marketplace” which sounds suspiciously like damning with faint praise for yet another outfit that has unwittingly exposed millions to an account and data breach – as well as a breach of inherent trust. Leave it to a third party (FossBytes) to take it upon themselves to advise Dropbox users to change their passwords immediately, and also choose strong passwords that are changed “from time to time,” a.k.a. every few months. This is probably a habit everyone should get into for any website containing personal data they can’t afford to have hacked.

The Argument for Better Cloud Security

The Dropbox debacle underlines the need for better cloud storage security, as that’s what type of platform Dropbox is and was at the time of the hack of their database in 2012. Some may argue that cloud security has advanced significantly in the intervening four years, but – has it advanced enough? The company claims that those passwords that were reset or accounts that were created after 2012 have no chance of being affected, but how can the Web-buying and online-using public be 100% secure in that notion? Lightning doesn’t often strike twice, that’s true. But, there are demonstrable patterns of malicious behavior by hackers, combined with a Web-using public that tends to let down its guard that should bring a rallying cry from IT experts and cybersecurity specialists everywhere: “Encrypt, reset, and be ever-vigilant out there.”

Consult an IT Pro About Passwords and Data Encryption

{company} is the leader in providing managed IT services in {city}. Contact our expert IT staff at {phone} or send us an email at {email} if you have any questions or concerns regarding data encryption, passwords, or protecting your valued data online, and we will be happy to answer any and all your questions.

Related Blogs

  • On a blue background are the letters AI in white. Superimposed over this is a robotic face wrapped with a connectivity symbol. A word bubble says can I help you." alt="">
    How AI Chatbots are Changing the Call Center Game

    With Amazon Lex Chatbots and Contact Lens, you can create tomorrow’s customer experience today. Key Takeaways: AI chatbots are revolutionizing not just call centers, but the way customer service is...

    Learn More
  • Six office workers sit at computers on opposite sides of a table in a brightly lit office." alt="">
    4 Challenges of Managing WorkSpaces at Scale and How to Solve Them

    A skills gap in IT staff and rising employee costs make managed services the right choice Key Takeaways: Research says it takes a minimum of 10 dedicated full-time IT staff members to manage DaaS...

    Learn More
  • The customer call center in an AI world." alt="">
    How Artificial Intelligence Is Reinventing the Call Center

    Today’s most important AI call center trends – is your call center ready for them?  Key Takeaways:  Learn how to improve customer service operations using automation while still providing...

    Learn More