The Next Web is reporting (referencing a reddit post) that Dropbox is the latest victim of hackers who stole hundreds of usernames and passwords. Some of the data showed up in plain text on Pastebin from an anonymous user asking for Bitcoin donations to release the entire list. Some reddit users confirmed the account credentials worked and were legit logins.
The Next Web reached out to Dropbox for a statement and Dropbox responded by denying the service was hacked. Dropbox claims a third party service was hacked and the hackers stole logins from there to try and gain access to accounts on Dropbox.
Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.
Dropbox says they detected suspicious activity on the accounts months ago and performed password resets. Recently, Snapchat was also caught up in a squall over hacked data, like Dropbox they blamed third-party applications. Cloud services like these might start to rethink giving access to their API’s to third-party apps, as more users turn to third-party apps for features unavailable in the main app. For now, we recommend changing your Dropbox password as well as an third-party application password’s that might access your Dropbox account.Source: The Next Web