Hackers Stole 68M Dropbox Accounts… 4 Years Ago

Dropbox’s biggest hack happened in 2012. Files totaling 5GB with the details of 68,680,741 accounts were found online, and a “senior Dropbox employee” has confirmed that the leak information is legitimate, according to Motherboard.

Dropbox has released a statement about the hack, further clarifying what has happened:

“Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time.”

Earlier this week, a proactive password reset covered all the accounts affected by the Dropbox hack. However, given that the details have been stolen since 2012, a four-year gap remains in which millions of Dropbox users’ data was not as secure as they would have hoped. Side note: Dropbox had 100M total users in 2012.

The Hack Probably Didn’t Do Any Damage

There’s a silver lining: There’s no evidence of foul play tied to the use of the account data, just in the initial hack that stole it. Dropbox, at least, has seen “no evidence of malicious access of these accounts,” according to a spokesperson. Motherboard further explains the reasons why:

“Nearly 32 million of the passwords are secured with the strong hashing function bcrypt, meaning it is unlikely that hackers will be able to obtain many of the users’ actual passwords. The rest of the passwords are hashed with what appears to be SHA-1, another, aging algorithm. These hashes seem to have also used a salt; that is, a random string added to the password hashing process to strengthen them.”

Most of the damage dealt out in the Dropbox hack, it seems, was to Dropbox’s reputation. They responded as best they could, but their business model as an online cloud storage platform makes them a ready target for over-eager hackers.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' is out from Abrams Books in July 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals