TORONTO – Dropbox has denied reports that an anonymous hacker leaked hundreds of usernames and passwords to Pastebin, an anonymous information sharing website.
The hacker, who has claimed to have compromised up to seven million Dropbox accounts, said he or she will release more user data if they receive Bitcoin donations.
“Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe,” read a Dropbox blog post published Monday.
“The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox.”
READ MORE: Is the password really dead? (Hint: Not even close)
The file hosting service added that a subsequent list of usernames and passwords posted online Tuesday were not associated with Dropbox accounts.
The alleged hack comes less than a week after Dropbox was scrutinized by NSA whistleblower Edward Snowden, who said people who care about their privacy should dump services like Dropbox, Facebook and Google, during an interview during the New Yorker festival.
Snowden criticized the service for not supporting encryption and urged privacy-conscious users to switch to alternative file storage services.
As for the most recent security scare, Dropbox added that any accounts that encounter suspicious login attempts will have their passwords automatically reset.
Dropbox is also encouraging users to enable two-step verification on their accounts. Users can enable two-step verification on their accounts through the company’s website.
But, if you are still worried about your account’s security, the best thing you can do is change your password.
Quick tips for creating a more secure password
Stay away from easy-to-guess passwords like “1,2,3,4″ or “Password” and easy-to-guess identifiers like your dog’s name.
Passwords that use up to ten upper- and lower-case letters mixed with numbers are proven to be more secure – despite being hard to remember.
READ MORE: How to create a more secure password
One tip is to construct a password from a sentence, mix in a few upper case letters and a number, for example, “There is no place like home,” would become “tiNOplh62.”
Numbers included in a password should never be something easy to guess based on the user. That means your age, the current year, or your address are not good choices. Similarly, the longer the password the better.
Comments