• Subscriber/Sign In
  • Register
  • About Us
isssource.com
  • Home
  • Register
  • News
    • Careers
    • Government
    • Incidents
    • Industry Voices
    • Products and Services
    • Sending it Your Way
    • Technology Update
    • Views
  • Research
  • Events
  • Login
  • Lost Password
  • Training & Certification
  • White Papers
  • Subscribe Now
  • Archives

Breaking News

  • 3 Nukes Shutting Down
  • Bedrock’s Security March Continues
  • TX Refinery Blast Emits Contaminants
  • BD Patches Pyxis
  • Vecna Clears VGo Robot Holes
  • Intel Updates 2G Modem Firmware
  • Advantech Working to Fix HMI Holes
  • AIChE: Safety: Doing More with Less
  • AIChE: Safety ‘Underpins’ Industry
  • AIChE: Safety Obsession to the Core
  • FDA to Hike Medical Device Security
  • Teen who Hacked CIA, DHS Heads gets 2 Years
  • Siemens Mitigation Plan for Simatic App
  • Chemicals Leak at DE Refinery
  • Microsoft Engineer Charged with Money Laundering
  • Schneider Software Plan for InduSoft, InTouch Hole
  • Read More

Chemical Safety Incidents

White Papers

  • A Year in Vulnerabilities
  • A Year in Threats
  • Year in Hunting and Responding
  • Finding the Competitive Edge
  • Going Digital
  • Visibility Leads to Knowledge
  • Tips to SCADA Security
  • Read More

Sending it Your Way

  • exida Explains
  • ABB: Process Automation Insights
  • Joel Langill: SCADAhacker
  • [In] Security Culture
  • Eric Byres: Practical SCADA Security
  • Department of Homeland Security
  • Jim Cahill
  • Dale Peterson
  • Industrial Defender
  • Wurldtech
  • Read More

Dropbox Not Hacked, Unrelated Services Were

Wednesday, October 15, 2014 @ 02:10 PM gHale

Dropbox denied they suffered an attack, however login credentials leaked by someone on Pastebin are those of Dropbox users.

The leaker released the first batch of credentials and then asked interested users to donate bitcoins in order for the leaks to continue. In the following hours, the attacker continued to leak batches even though there was only one donation.

RELATED STORIES
Bash Attack on NAS Systems
Shellshock Attacks Raging
Honeypot Finds Shellshock Attacks
Shellshock: Cisco Lists 31 Vulnerable Products

Simultaneously, more batches released and another bitcoin address provided for donations. No donations have gone out.

Dropbox statement, saying: “Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox. Attackers then used these stolen credentials to try to log in to sites across the Internet, including Dropbox,” Anton Mityagin from the Dropbox security department said.

“Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on your account,” he pointed out, adding the company has measures in place to detect suspicious login activity and that they automatically reset passwords when it happens.

Mityagin also said they checked the lists of usernames and passwords posted online and they are not a part of Dropbox accounts.



Leave a Reply

Click here to cancel reply.

You must be logged in to post a comment.

« Siemens Heartbleed Update, Again
POODLE Marks Rough End to SSL 3.0 »

  • Home
  • Register
  • View Spotlight Article
  • News
  • Research
  • Events
  • Login
  • Lost Password
  • Training & Certification
  • White Papers
  • Subscribe Now
  • About Us
  • Archive
  • Sitemap
  • Careers
  • Government
  • Incidents
  • Industry Voices
  • Products and Services
  • Sending it Your Way
  • Technology Update
  • Views
Policies
Copyright © 2018 isssource.com
Powered by Magic Members Membership Software