Dropbox confirms it was hacked, assures it's safe

Dropped the ball on this one

Dropbox has confirmed some account names and passwords have been stolen.

It was alerted after users started complaining about spam they were receiving to email addresses used only for their Dropbox accounts. It started an investigation, and found usernames and passwords stolen from other websites were used to sign in to "a small number" of Dropbox accounts.

One stolen password was also used to access an employee Dropbox account, which unfortunately contained a documents revealing user email addresses. Hence the spam.

Most of the people affected are from the UK, Germany and Holland.

New security measures

Dropbox has apologised for the breach, and has announced some new security measures to keep users safe.

Two-factor authentication requires you verify your identity by two methods, such as a password as well as a temporary code sent to your phone. So belt and braces. It'll be rolled out in a few weeks.

The company will also launch new automated mechanisms to help identify suspicious activity, and a new page that shows you all logins to your account. So they should spot any fishy goings-on.

It says it may also ask users to change their passwords from time to time.

It reiterates to stay safe you should use a different password for every website, to prevent one hack compromising all your activity online.

If you're having trouble keeping track of all your passwords, it suggests checking out 1Password, which keeps a tab on everything. As long as that isn't hacked.

Via SlashGear

Joe Svetlik

Joe has been writing about tech for 17 years, first on staff at T3 magazine, then in a freelance capacity for Stuff, The Sunday Times Travel Magazine, Men's Health, GQ, The Mirror, Trusted Reviews, TechRadar and many more (including What Hi-Fi?). His specialities include all things mobile, headphones and speakers that he can't justifying spending money on.