Full Scale of Dropbox Hack Revealed
File sharing service Dropbox is warning users who created accounts before 2012 to change their passwords, due to a breach that occurred that year. (If you've already changed your password, there's no need to do so again willy-nilly.) Dropbox previously disclosed the attack, but the full scope of the breach has only recently become known: 5 GB of documents containing email addresses and hashed passwords for over 68 million users. If you used a high-quality password and didn't reuse it on other sites, there is little cause for alarm, thanks to Dropbox’s strong password hashing, but you should change your password if prompted.
It's amazing that no one is freaking out about this here, at least a little. In any case, I received no notice from DropBox, and, in fact, I haven't used my account in years. Just the same, I went online and changed my password.
Given the level of hacking going on these days, it's clear the cloud is neither as reliable nor secure as we have been led to believe by gung-ho cloud enthusiasts. The referenced article in arsTECHNICA mentions that, in addition to DropBox, an online password security firm with their own app, OneLogin, had also been hacked recently. And, of course, they're not the first one this has happened to. A much larger online security business, LastPass, was also hacked a while back.
All this makes 1Password seem a better option, with it's locally stored and encrypted password vault.