Dropbox Denies It Was Hacked, Says Leaked Usernames And Passwords Are Bogus

You may have read in the news that hackers infiltrated Dropbox, stole seven million usernames and passwords, and then posted a portion of those login credentials online. Those reports stem from an anonymous post on Pastebin.com containing what the author claims is a data dump of 400 Dropbox accounts, calling it the "first teaser" of 6,937,081 hacked accounts. However, Dropbox says the leaked info is from other services.

"Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens," Dropbox said.

Dropbox
Image Source: Flickr (Ian Lamont)

The anonymous poster went on to dump even more username and password combinations, though in an update to Dropbox's original blog post, the cloud storage provide said today that it checked into the new data and confirmed that they're "not associated with Dropbox accounts."

Nevertheless, just because your Dropbox credentials are safe this time around, that doesn't mean they always will be. Data breaches have become an all-too-common occurrence lately. Dropbox used the opportunity to remind users that they shouldn't reuse passwords across multiple services. The cloud storage provider also recommends enabling 2-step verification on your Dropbox account.