Dropbox has admitted that hackers have compromised some of its user accounts.The company says that hackers got user names and passwords when they broke into other websites. They used them to sign into “a small number of Dropbox accounts.” Dropbox didn’t say how many accounts were affected. It has already contacted the users it knows were compromised.
In more bad news, a hacker also used a stolen password to break into a Dropbox employee’s account which contained a document with a list of Dropbox users’ email addresses. Lo and behold, those email addresses started getting spam. Users complained to Dropbox about it and that’s how the company discovered the security problem.
So, it’s a good idea to change your Dropbox password or to at least check a new Dropbox webpage that lets you look at all recent log-ins to your account. If you see something fishy, change your password for sure.
And if you are like most of us, and tend to use the same user name and password for each web app you use, you might want to quit doing that. Remember, a few weeks ago Yahoo got hacked and the bad guys got 400,000 passwords to e-mail accounts.
Dropbox is promising to improve its security in a few weeks by adding an optional two-step login, where you would enter you user name and password, and then a special code sent to you elsewhere, like a text via your phone.