Dropbox has verified that 68 million user credentials have been exposed


Dropbox has announced via their blog that 68 million user email addresses with hashed and salted passwords have been exposed. Dropbox has verified that the information is indeed legitimate.

Dropbox has announced via their blog that 68 million user email addresses with hashed and salted passwords have been exposed. Dropbox has verified that the information is indeed legitimate. As a result, they have proactively completed a password reset for anyone who hadn’t updated their password since mid-2012. They’re contacting account owners via email and the next time they login, they will be prompted to update their passwords.

Don’t wait until a threat strikes.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.

The credentials that have been affected were from a data breach the company suffered in 2012.

So if you have signed up for a Dropbox prior to mid-2012 you may be affected.

The Best Defense Against Data Breaches Is Diligence and Proactive Protection

While data breaches aren’t easily preventable on your part, there are actions that you can take in the event of a data breach to help yourself stay protected. If you feel that you have been impacted in this data breach, here are a few steps you can take to protect yourself further:

  • Single, complex passwords can be difficult to remember, let alone multiple ones. A good amount of users tend to use the same password across multiple sites. As a result, data obtained from one website breach will be used across other websites, in hopes of email and password reuse, granting the criminal access to additional accounts. If you do this practice, change your passwords on any sites that use the same email and password combination immediately. Be sure that each password is unique to each site.
  • Enable two-step verification. Even if a website or app has strong security controls, your online accounts can become vulnerable to attack if you reuse passwords or have weak passwords. That’s why Dropbox and Norton strongly recommend turning on two-step verification for Dropbox and other sites that support it.
  • Since passwords are a bit tricky to manage, Norton can help. You can learn more about safe passwords and password managers and keep them secure via Norton’s Identity Safe for free.
  • If you're unsure if you have been affected by this breach, or any other data breach, you can sign up for haveibeenpwned.com, which will notify you by email if any of your usernames and emails have been exposed in a data breach.

Even if you haven’t been affected by this particular incident, the aforementioned tips are also a great way to get proactive about your own cyber protection. Think of it like insurance- you don’t wait for something to happen and then get insurance, you already have it in place just in case.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.