In my last post I looked at how the iCloud Celebrity hacking’s happened and how they were constructed. The most interesting development I found, was the fact that the men who hacked their accounts were not professional hackers. Since the Celebrity hacks, there have been more and more stories about Cloud programs being hacked and releasing sensitive information about it’s users. One of the most recent developments was the cloud storage software, ‘Dropbox’.
The Dropbox Hack
This program allows you to store photos, videos and files that can also be shared to other Dropbox users. The program currently has over 500 million users worldwide.
Reportedly, the Dropbox hack stole over 60 million logins. The website Motherboard says that it has seen some of the passwords available for sale online. They believe that the encrypted passwords were stolen in 2012. Dropbox has since changed their password encryption and sent an email to everyone who had a Dropbox account before 2012 to change their password.
Even though the disclose of information said there was no indication that the data breach had been used to improperly access Dropbox user accounts. According to the head of trust and security at Dropbox, Patrick Heim.
The Dropbox password leaking’s were just one of the breach’s made last summer. Popular sites such as LinkedIn, MySpace, VK.com and Tumblr were all also exposed online.
Have I been pwned?
If you are unsure whether your data has ever been breached, check out the website Have I been pwned?. This website created by Troy Hunt. It is free and easy to use for everyone. All you need to do is simply type in your email and the website searches to see whether your data has been breached. If your email turns out to be pwned, it is best to change all of your passwords to be on the safe side. Creating a strong password is very important to staying protected from hackers, Hunt commented on the Dropbox hacking saying:
“The bycrpt hashing algorithm protecting [the passwords] is very resilient to cracking and frankly, all but the worst possible password choices are going to remain secure even with the breach now out in the public”
The issue that arises with Cloud based accounts is that at any point they can be breached without the user knowing. For software’s like Dropbox it is crucial they have good security as people put their trust is into the company. To keep yourself as safe as possible from your data being leaked, the best tip is to create a unique and strong password that nobody could guess. Also, you should enable the two-step verification on your account so that whenever you login a Pin number will be sent to your phone to verify its you logging in.
It does not take long for someone to change their password from a weak one to an unbreakable one. Wouldn’t you rather be safe than sorry?
Leave a Reply