Wednesday
Encrypted passwords among stolen in 2012 breach, Dropbox says
Security breaches are nothing new, but it has been growing in frequency and boldness as of late. Back in 2012 Dropbox was targeted by an attack, but it is only now that the company revealed most of the stolen credentials are still floating around in the dark web.
The 2012 breach compromised more than 60 million accounts and it all became possible because hackers managed to locate a personal password that was reused by an employee on the corporate account. Apart from the usual stored data, TechCrunch reports that user passwords were also acquired in the theft.
Fortunately, Dropbox passwords are encrypted and secured with salt–these are random data strings that are added to strengthen encryption. Despite the data being made available online, it would seem that the encryption has not been cracked yet.
The company has also taken measures to ensure that employees do not reuse passwords by having password management service 1Password available for their employees. They are also currently requiring a two-factor authentication for all internal systems.
Because online cloud storage services play host to all kinds of data, they become frequent targets for hackers. However, since 2012 the Dropbox has not reported any major security compromises. This bodes well for the company and to its millions of users, who have grown to 500 million. Alfred Bayle
source: technology.inquirer.net