Soon after Edward Snowden pointed out that Dropbox is hostile to privacy, a thread on Reddit now reveals a link that teases hundreds of Dropbox usernames and passwords in plain text. It is from an annonymous user and the leaked data is just a tease before the full leak that has around 7 million accounts compromised.
A message on the Pastebin file reads, “Here is another batch of Hacked Dropbox accounts from the massive hack of 7,000,000 accounts. To see plenty more, just search on [redacted] for the term Dropbox hack. More to come, keep showing your support.”
Some users have reportedly confirmed the credentials, but the number of users affected is still unclear. However, Dropbox has declined a hack and blames third-party apps for the leaked data.
It has confirmed to TheNextWeb, “Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.”
However, the news site quickly points out, “What’s odd about this statement is that if the attack was previously known, why did some of the credentials still authenticate that were part of the dump to Pastebin? You would think that they would have been able to protect all of the accounts before the dump occurred, but at this time we have to take their word for it.”
Though we aren’t yet sure what possibly leaked the Dropbox passwords, we would suggest you simply change the password as soon as possible. Recently, mobile messaging service Snapchat had also blamed third-party software apps for possible security lapses that may have led to its users’ private photos being at risk of online publication by hackers.