Dropbox addresses leak revelations

8/09/2016 by Usha Tyagi

Over the past few years, there have been many concerns regarding cloud computing, a lot of which are in direct response to security issues. Now, Dropbox has responded to the revelation that it was hacked, with many users’ personal details stolen. The firm said that by resetting passwords, it has actually prevented user data from being hacked.

The first sign that something was wrong came when a number of Dropbox users received an email stating that if they hadn’t changed their password since 2012, they would be prompted to add a new login during their next sign in. Dropbox Head of Trust and Security Patrick Heim wrote a blog post saying that the email was sent “purely as a preventative measure.” Despite this, there have been numerous reports, citing an anonymous source, that over 68 million credentials have been stolen.

One security expert, Troy Hunt, managed to obtain a copy of the information and discovered not only his details but also his wife’s. Not only did she utilise a password manager, but she also hadn’t changed her login since 2012. Hunt said: “There is no doubt whatsoever that the data breach contains legitimate Dropbox passwords – you simply can’t fabricate this sort of thing.”

In further response to the ongoing reports, Heim stated that the breach is not a new security incident, and there is no obvious indication that any accounts have been hacked. “Our analysis confirms that the credentials are user email addresses with hashed and salted passwords that were obtained prior to mid-2012,” he said, adding: “We can confirm that the scope of the password reset we completed last week did protect all impacted users. Even if these passwords are cracked, the password reset means they can’t be used to access Dropbox accounts. The reset only affects users who signed up for Dropbox prior to mid-2012 and hadn’t changed their password since.”

The hacking of Dropbox could have some positive impacts upon cloud computing and safety, however. For example, Kaspersky Lab Principal Security Researcher David Emm suggested that following the EU General Data Protection Regulation (GDPR), companies may place more emphasis on containing leaks instead of trying to stop them altogether. Dropbox, for instance, not only salted and hashed passwords but also provided immediate advice to consumers. This can limit the fallout of a breach and ensures that users stay in the loop and can take action to protect their data.
