Click to Skip Ad
Closing in...

Dropbox didn’t tell anyone about a giant hack for four years

Published Aug 31st, 2016 7:00PM EDT

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

We get it, companies get hacked all the time. And they’re not too eager to share details about data breaches, but they ultimately have to release details about it so that affected users can protect themselves. At least, they should disclose details. But Dropbox failed to do so, hiding for no less than four years the magnitude of a data breach that may have affected up to 68 million accounts.

DON’T MISS: This is the huge iPhone 7 leak we’ve been waiting for

The company asked users last week to change their passwords if their accounts dated back to mid-2012. The company acknowledged the hack that took place four years ago, but it didn’t say how many users were compromised, Ars Technica reports.

The scale of the attack is impressive, suggesting that hackers knew what they were doing. Motherboard obtained four files totaling 5GB in size from sources in the “database trading community,” that contained email addresses and hashed passwords for more than 68 million Dropbox users.

A senior Dropbox employee said that the data was legit. Security expert Troy Hunt, who’s behind the haveIbeenpwned.com site, also said the data is legit.

Dropbox admitted to the hack and confirmed email addresses and “hashed and salted passwords” were stolen, but it never disclosed the number of affected accounts. The company also said that there was no indication that Dropbox user accounts have been improperly accessed.

Meanwhile, Dropbox confirmed to Ars that the hack did indeed affect more than 60 million users: “We can confirm that based on our intelligence number we have seen is in the 60+ mil range.”

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.