Users who signed up for Dropbox prior to mid-2012 will be prompted to update their Dropbox password the next time they login, according to the service, which stressed that this is only a preventative measure.
The move follows the discovery of an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that the firm believes was obtained in 2012 as part of an incident that was disclosed four years ago.
However, despite the discovery, Dropbox found no evidence that any accounts have been improperly accessed. Nevertheless, as a precaution, any user who has not changed passwords since 2012 will be prompted to do so as part of the next login.
"We're doing this purely as a preventive measure, and there is no indication that your account has been improperly accessed. We're sorry for the inconvenience," writes Patrick Heim on the Dropbox blog.
More information: blogs.dropbox.com
Written by: James Delahunty @ 25 Aug 2016 21:56