Hope you can think of another completely random series of letters and numbers to carry around in your head: usernames and passwords of Dropbox users have leaked online, with the cloud storage service reportedly forcing a reset of every user’s password this afternoon.
An entry on Pastebin has appeared today showing 400 Dropbox usernames and passwords, all in plain text. The names and passwords are only a snippet of what the hackers claim to have, with everything alphabetised in the B’s.
The hacker or hackers are calling for Bitcoin donations to fund the operation, adding that the more Bitcoin that’s donated will result in more usernames and passwords being leaked.
The hackers claim that they’ve hacked millions of accounts. 6.9 million to be specific, complete with “photos, videos, other files”.
Whether your name is on here or not, it’s probably time to turn on two-factor authentication and change your password.
Update:
Dropbox has issued a statement to The Next Web, asserting that it wasn’t hacked, and that it was a third-party service that was compromised. Here’s the statement:
Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.
Updating…