Drop-box the popular online locker service, appears to have been hacked by an unnamed hacker group. It is still unclear how the account details of so many users were accessed and, indeed, if they are actually legitimate or not. However, the group claims to have accessed details from nearly 7 million individual accounts and are threatening to release users’ photos, videos and other files.
HACKERS CLAIMED TO RELEASE 7 MILLION USERS’ PERSONAL DATA
A message annotated at the top of the leaks said:
Here is another batch of Hacked Drop-box accounts from the massive hack of 7,000,000 accounts
To see plenty more, just search on [redacted] for the term Drop-box hack.
Hackers have already leaked about 400 accounts by posting log in credentials, all starting with the letter B, and labelled it as a “first teaser…just to get things going“. The perpetrators are also promising to release more more password details if they’re paid a Bit-coin ransom.
The security breach in Drop-box would definitely have bothered its millions of users and since passwords are involved in this incident, so it has more frightening consequences on its users. Reddit users have tested some of the leaked username and password combinations and confirmed that at least some of them work.
DROP-BOX DENIED THE HACK THIRD PARTY IS RESPONSIBLE
“Drop-box has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Drop-box accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have expired as well.”
USERS ARE ADVISED TO CHANGE PASSWORDS
Update: Drop-box has issued a statement on its blog further clarifying that the Drop-box passwords were stolen from unrelated services.