Data breaches on popular websites and services seem to be so commonplace these days that it no longer comes as surprise when the latest one is reported. We found out recently that cloud storage site Dropbox is the latest well-known company to have suffered an intrusion and data breach, with hackers being able to gain access to the company’s servers last Friday.
The company has now confirmed that account holders who have not changed their password since mid-2012 are the ones likely to have been affected by the breach, but has your own individual account’s data been accessed?
In response to the confirmation of the attack, Dropbox has acted relatively swiftly to issue an email to account holders that it feels could have been affected by the breach. Included in the email was the advice for users who have not reset their Dropbox password since mid-2012 to do so immediately. Anyone who has received that email can safely assume that they have been affected by the attack, and should therefore go through the process of changing the account password as soon as is physically possible.
Additionally, for those worried if their cloud storage has been breached can also check for confirmation of the breach by using a tailored web service at haveibeenpwned.com which is created by a Regional Director at Microsoft.. If you visit that site, you can immediately get an understanding of just how easy the service is to use, and actually how important it is to know if your email address or username or password has been recorded in any breach or dumps of data online.
Users simply need to enter their own email address associated with a Dropbox account, or a username, and hit the pwned? button to trigger the service to check its records. Once it runs through its processes behind the curtains, it will let you know whether or not your account has been recorded in a breach. To really make an emphasis, the screen turns green if no breach is recorded, or red if your account has been compromised.
What’s actually great about the site is that it not only tells you immediately if you have been affected by the Dropbox breach that has recently seen over 68 million records traded online, but it also checks if the provided credentials have been part of any historical breach, such as the LinkedIn leak from May 2016, or the Tumblr data breach back in early 2013. If you’ve received the email from Dropbox, but want to double-check your inclusion in this hack, then make sure you check out the service right away, and remember, make sure you change that password immediately.