Hacked Dropbox Data of 68 Million Users Is Now for Sale on the Dark Web
Email and password data for more than 68 million Dropbox users is for sale in the darknet marketplace.
The data set, which is from a 2012 breach, includes users' email addresses as well as obscured passwords. The nearly 5 gigabytes of data represents one of the larger user credential leaks in recent years. Its price is reportedly being set at two bitcoins, the equivalent of about $1,141 US dollars, by a data trafficker on the darknet website TheRealDeal. There are no reports that the dataset has been successfully sold yet.
Dropbox quietly announced the 4-year-old breach last week when it sent out a note to affected users informing them that they would be proactively resetting their passwords. They informed users that their accounts were being reset because the company had been notified about a possible threat. But the full extent of the massive breach was reported by Motherboard and confirmed by an unnamed senior Dropbox employee several days later.
Dropbox was aware of a security breach in 2012 and told its customers, but says that the true scope and size of the hack was new information until last week. Patrick Heim, head of trust and security at Dropbox, said that the company felt it had taken sufficient preventative measures by proactively resetting passwords. Heim added that at this point, there is still no evidence that the users' passwords have been successfully decoded and sold.
No comments:
Post a Comment