Dropbox denies breach- claims cloud service wasn’t hacked
by Carol Thompson
Cloud storage service Dropbox denies it was hacked and claims that many of the usernames and passwords posted on a website weren’t those of Dropbox users.
On Monday an anonymous hacker claimed to be in possession of seven million passwords to Dropbox accounts. The hacker posted approximately 400 usernames and passwords on anonymous note site Pastebin. Some Reddit users alleged that they were able to successfully log into Dropbox using the posted information before the leaked passwords were deactivated.
But Dropbox officials said that unrelated websites are the data source.
In a post on the company’s blog, Dropbox security engineer Anton Mityagin, wrote, “Recent news articles that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox.” It continues, “Attackers then used these stolen credentials to try to log in to sites across the Internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.”
The anonymous author asked for community support in the form of Bitcoin currency. Bitcoin is a currency created in 2009 by someone using the alias Satoshi Nakamoto. No banks are used to complete the transaction. The author has teased that more usernames and passwords will be published.
Image: Flickr: Ian Lamont