During the month of August, Motherboard, a prominent online magazine, published a report that more than 60 million account details had been stolen from the cloud storage provider Dropbox. Now, however, approx. 68 million Dropbox accounts are available for anyone to download (exact number as published on ibtimes: 68,680,741 accounts).
During the month of September, data brokers were selling the dump for $1200 on the dark web, and there is no evidence of how many buyers it found.
Analysis of the dump further shows that approx. 32 million of the Dropbox passwords were protected with the strong hashing function bcrypt, which makes them much harder for most attackers to crack. The remaining passwords were hashed with SHA-1 together with a salt (a salt is a random string added to the password before hashing to further strengthen it). The dump does not include the salts, however, which makes it harder for any attacker to break the hashes and recover the real passwords.
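To illustrate the two storage schemes described above, here is an added example that is not from the article or from Dropbox: it models a salted SHA-1 record and a slow, work-factor record side by side and shows why a leaked digest whose salt is missing cannot be checked directly. bcrypt is not in Python's standard library, so PBKDF2-HMAC from hashlib stands in for it; the sample password, the 16-byte salt size and the iteration count are assumed values.

```python
import hashlib
import hmac
import os

# Added example (not Dropbox's code). PBKDF2-HMAC-SHA256 stands in for bcrypt,
# which is not in the standard library; the iteration count is an assumed value.

def sha1_salted(password: str, salt: bytes) -> bytes:
    """Salted SHA-1 as described in the article: one fast hash over salt || password."""
    return hashlib.sha1(salt + password.encode()).digest()

def slow_kdf(password: str, salt: bytes, iterations: int = 200_000) -> bytes:
    """Stand-in for bcrypt: a configurable work factor makes every guess expensive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

def make_record(password: str, scheme: str) -> dict:
    """Store a credential with a fresh random 16-byte salt under the chosen scheme."""
    salt = os.urandom(16)
    if scheme == "sha1":
        digest = sha1_salted(password, salt)
    else:
        digest = slow_kdf(password, salt)
    return {"scheme": scheme, "salt": salt, "digest": digest}

def verify(password: str, record: dict) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    if record["scheme"] == "sha1":
        candidate = sha1_salted(password, record["salt"])
    else:
        candidate = slow_kdf(password, record["salt"])
    return hmac.compare_digest(candidate, record["digest"])

def matches_without_salt(password: str, digest: bytes) -> bool:
    """What can be checked when only the digest leaked and the salt did not:
    an unsalted SHA-1 of the password. With a salt in use this never matches
    the stored value, which is why the missing salts matter for the dump."""
    return hmac.compare_digest(hashlib.sha1(password.encode()).digest(), digest)
```

Two records made from the same password get different digests because each has its own salt, so a match on one hash says nothing about the other.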
Earlier this week, on Monday, Thomas White (Cthulhu) made the full data dump available on his website, saying that this will help researchers examine the breach.
“I have assisted to keep this breach public for those who are struggling to find a reliable source for research,” Thomas White writes on his website.
Dropbox, which had denied this hack in the past, has now found genuine evidence of a breach of this magnitude. Last month Motherboard analyzed 5GB of the dump files and found them to be genuine after Dropbox confirmed the accounts. As a mitigation step, Dropbox forced affected users to change their passwords, but the exact number was never released by the company.
“Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time,” – as mentioned by Dropbox earlier.
Dropbox has offered two-factor authentication since 2014, and any user who has enabled this security mechanism has a better chance of protecting their data. And if anyone is still using the same password from 2012, or has reused that password across multiple sites, it is definitely time to change it to keep your account secure.