Tuesday, October 4, 2016

Download: 68 Million Hacked Dropbox Accounts are Just a Click Away!


Over a month ago, The Hacker News reported about the

Dropbox Hack

, where hackers had managed to steal more than 68 Million Dropbox accounts in a data breach that was initially disclosed by the online cloud storage platform in 2012.

Although the initial announcement failed to reveal the true scale of the data breach, it was in late August when the breach notification service LeakBase obtained files containing details on over 68 million accounts, which contains email addresses and hashed passwords for Dropbox users.

Last month, a hacker was selling this Dropbox data dump on a

Dark Web

marketplace known as TheRealDeal for

around $1200

.

However, Motherboard recently

discovered

that a researcher has just uploaded the full dump of hacked Dropbox database online.

Download DropBox Data Dump Here:

Thomas White, known online as The Cthulhu, uploaded Monday the full Dropbox data dump onto his website in a move, as he claims, to help security researchers examine the data breach.

So, anyone can now

download the leaked database

of 68,680,741 Dropbox accounts, containing email addresses and hashed passwords, totally for FREE.

"The ... dump was allegedly taken from Dropbox sometime in 2012 following a breach," White writes on his website. "I have assisted [in keeping] this breach public for those who are struggling to find a reliable source for research."

White is the same person who previously dumped accounts from massive data breaches in large enterprises, including extramarital affairs site

Ashley Madison

, social networking site

Myspace

, and more.

The good news is that out of 68 Million, around 32 Million passwords are secured using strong hashing function

BCrypt

, which makes it difficult for hackers to obtain many of users' actual passwords.

The rest of the account passwords are hashed with the

SHA-1 hashing algorithm

and also believed to have used a Salt – a random string added to the hashing process to further strengthen passwords to make it harder for hackers to crack them.

Moreover, the company previously ensured its affected customers that there is no evidence of any malicious access of their accounts,

saying "Based on our threat monitoring and the way we secure passwords, we do not believe that any accounts have been improperly accessed."

Dropbox is one of many "

Mega-Breaches

" revealed this summer, when hundreds of millions of account credentials from years-old data breaches on famous social network sites, including

LinkedIn

,

MySpace

,

VK.com

and

Tumblr

, were exposed online.

The best way to protect yourself is to change your passwords for Dropbox and other online accounts, especially if you are using the same password for multiple websites, as well as use a

good password manager

to create and manage complex passwords for different sites.



from The Hacker News http://ift.tt/2daMF3p

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.