According to a blog recently posted on the Dropbox website, a 2012 data breach included the theft of 68 million email addresses and passwords. It is estimated that Dropbox has over 200 million customers, so the hack potentially impacted a significant percentage of its customers. At the time of the incident in 2012, customers were not aware of the loss of passwords in addition to the theft of email addresses.
Dropbox also states that they have contacted customers that opened a Dropbox account prior to mid-2012 and have not since changed their password. Dropbox offers two step verification, which will provide customers added protection.
As with any breach where email addresses and passwords are both compromised, customers should change passwords if they used the same password on any other site.
What small businesses can do
Check to see if you have current or old email addresses that were used for a Dropbox account. It is not uncommon to have more than one account, using different email addresses. If you are prompted by Dropbox, you need to change your password. If you are not prompted, Dropbox states you don’t need to change your password.
Change your password to a strong one that you don’t use anywhere else. Implement two step verification for added security.
Other data breaches reported recently include Kimpton Hotels, One Login, a cloud-based password security app, retailer Eddie Bauer, and possibility Yahoo. The Yahoo breach of possibly 200 million email accounts and passwords, may be data from 2012 and has not yet been confirmed by Yahoo. Here is a link to Yahoo’s help page on how to change a password.