After Dropbox breach, Sophos stresses better password practices

Following a two-week investigation, Dropbox yesterday acknowledged that its service had been hacked. Dropbox reportedly confirmed that hackers managed to obtain usernames and passwords from third-party sites and used them to access Dropbox users' accounts. It has now been revealed that the users whose accounts were affected used the same sign-in credentials across multiple online accounts.

Maintain separate passwords across different online accounts




Now, IT security and data protection firm Sophos is reiterating to users the importance of maintaining separate passwords across different online accounts. Dropbox reportedly believes that the hack into its services has led to its users receiving a lot of spam. It is therefore taking steps to help users not only protect their accounts but also improve security as a whole.


Graham Cluley, Senior Technology Consultant at Sophos, explained, "The Dropbox incident underlines the necessity of having different passwords for every website. As people pile more confidential information onto the web, hackers are being given a greater incentive to penetrate accounts. The frequency and severity of these data breaches is proving time and time again that users must make better efforts to protect themselves. If you are going to entrust sensitive data to Dropbox, my advice is that you should automatically encrypt it before sharing it with the service. That way anyone who raids your account won't be able to make sense of what you have stashed in the cloud anyway. Businesses are waking up to the need to use automatic and invisible encryption alongside their cloud storage - protecting users who make use of services such as Dropbox."


The hack was discovered when scores of users who had received unsolicited spam emails related to online casinos and gambling sites began posting on the company's forum. The users revealed that they had been receiving spam from e-mail addresses that were only associated with Dropbox. The company got a handle on the situation, but by then 295 people, the majority of them from Germany, Holland and the U.K., had already posted on the forum.