Dropbox employee’s password reuse led to theft of 60M+ user credentials

Dropbox employee’s password reuse led to theft of 60M+ user credentials

Kate Conger, reporting at TechCrunch:

Dropbox disclosed in 2012 that an employee’s password was acquired and used to access a document with email addresses, but did not disclose that passwords were also acquired in the theft. Because Dropbox stores its user passwords hashed and salted, that’s technically accurate — it seems that hackers were only able to obtain hashed files of Dropbox user passwords and were unable to crack them. But it does appear that more information was taken from Dropbox than was previously let on, and it’s strange that it’s taken this long for the breach to surface.

Don’t reuse passwords folks. Find a password manager and learn to love it. There’s 1Password, LastPass, Dashlane and many others. That means there’s no excuse for you to keep using your dog’s name combined with your college graduation year or whatever terrible password you’re using for everything.

Dropbox isn’t a feature, it’s an infrastructure

Dropbox isn’t a feature, it’s an infrastructure

Shawn Blanc explores Simplenote alternatives

Shawn Blanc explores Simplenote alternatives