Popular cloud storage firm Dropbox has been hacked, with over 68m users’ email addresses and passwords leaking on to the internet.
Late yesterday, Motherboard reported that it had acquired the stolen trove of Dropbox credentials and that it contained no less than 68,680,741 account records.
A senior Dropbox employee told the publication that the credentials were legitimate, and data leak compiler and security researcher Troy Hunt has since chimed in to agree.
Dropbox says that it hasn’t seen evidence of intrusion on the compromised accounts, and they’ve all had their passwords reset as of last week.
The company has been encouraging users to enable two-factor authentication (which it also did in 2012) and is suggesting that users change their passwords on other sites if they ever reused a Dropbox password somewhere else.
You can check if your data is included in the breach using Hunt’s tool HaveIbeenpwned.