As many as 68 million usernames and passwords of those using Dropbox landed at the hands of cyber-criminals during the security breach of 2012, according to recent estimates. This also includes the email addresses of victims.
Accurate details of the hacking were revealed by accessing a database as large as 5GB containing data related to the 68 million user accounts, a Motherboard report claimed, quoting an employee at Dropbox. This collection also included hashed user passwords.
The 68 million Dropbox user credentials recovered had everything to do with the Dropbox data breach of 2012, the Motherboard report added.
A majority of these recovered user credentials belonged to legitimate users who had registered at Dropbox during 2012 and earlier, Leakbase, a web leak-tracker service, informed Motherboard.
These developments confirm the authenticity of the security breach of Dropbox in 2012. However, the exact number of affected users, by the hack, is yet to be made public at this juncture.
At this point in time, Dropbox is sending out emails to a large number of users, requesting them to reset their passwords.
"Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we recently learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012," Dropbox states on its official website.
Therefore, if you have received an email from Dropbox prompting you to change your password, do so immediately as you are under a risk of having fallen victim to hackers during the security breach of 2012.