Guest mrclean0325 Posted September 8, 2016 Report Posted September 8, 2016 It has been reported that the data breech at DropBox is MUCH more serious than originally indicated. The company has been issuing notices of changing the account passwords BUT it goes MUCH deeper as reported yesterday in the Washington Post. It seems there was a data breech in 2012, it was poo-poohed at the time. The story below broke that there were over 5 Gig of data removed from DropBox and now being auctioned on the darknet. The estimate is it is data from 68 MILLION DropBox users. If you are a DropBox user, I would strongly suggest to change EVERY password on ANY account associated with your email address used at DropBox. It may already be too late since they have had 4 years to use the data and if you used the same emil address/password for DropBox as other sites - they have those too and may have been using them already. Read the complete story here: https://www.washingtonpost.com/news/the-switch/wp/2016/09/07/hacked-dropbox-data-of-68-million-users-is-now-or-sale-on-the-dark-web/ Quote
Greg Wessels Posted September 9, 2016 Report Posted September 9, 2016 "...I would strongly suggest to change EVERY password on ANY account associated with your email address used at DropBox." That seems like over-kill to me. I wasn't a customer in 2012 so no worries here, but you should NEVER rely on another company to store your valuable data unlessthat is all they do. DropBox and other general cloud services are not that company. Be safe out there. Greg Quote
Guest mrclean0325 Posted September 10, 2016 Report Posted September 10, 2016 That seems like over-kill to me. Unfortunately it is not. Many people use the same password for many accounts with the same email address. You know one combination and you know them all. The ease to be able to remember the password overshadows the security. A password should NEVER be something someone who can gather data from you may guess; like an anniversary, birthday, pet name, spouse name, child name, etc. It is surprising to many how easy this information is to get from the web in places like Facebook and other social networks. Experts suggest a password should be 16 characters long and a combination of upper case, lower case, numbers, and symbols to be the most secure. Nothing anyone could even hope to remember. An unfortunate fact in the day we live in... Quote
Greg Wessels Posted September 10, 2016 Report Posted September 10, 2016 RoboForm to the rescue! If you want to be lazy when it comes to passwords, then use a password manager, which creates and stores them for you. Using thesame password at multiple sites is just asking for disaster with your accounts. Quote
leiana777 Posted September 15, 2016 Report Posted September 15, 2016 Hmm thats seems serius. im dropbox user since 4-5 years ago.. thanks for sharing that info Quote
chrystalia Posted September 21, 2016 Report Posted September 21, 2016 I did all you suggested when the hack first happened, and have been doubly careful ever since--because I know how very valuable data can be. I'm not a real fan of cloud storage anyway, because I have seen too many so-called responsible companies over the years that aren't nearly as careful with their security as they should be, and the hackers get smarter every day.... Quote Fortune Favors The Bold! http://fortunestraffic.comFortunes Traffic--for Zubees, Promos, Fun, and Traffic. Interested in Hard Rock Gold Mining? Check Out My Other Half's You Tube Channel -- https://www.youtube.com/channel/UCbcYhenGjigBC5GgEjEANLQ
Guest mrclean0325 Posted September 21, 2016 Report Posted September 21, 2016 Wait a minute, let me adjust me tin-foil hat a bit...OK, I am not a great one for trusting most online anything from working in the industry for as long as I have. There are security vulnerabilities in a LOT of mainstream software and way too many sites. There are many even in the most updated security suite. "Zero day" exploits are increasing at an alarming rate - this means that update to fix a security problem has a bug in it that is a security problem and the hackers found it the day it was released. Even with the most up to date security software, there still could be nasties on your computer secretly sending data to someone the security suite will not ever see or detect. Then there are the "trusted" sites and softwares. It creeps me out a bit to know Google knows EVERYTHING I do online and scans each and every link I click in Gmail. They know who is in the pictures I save from my phone. Facebook knows way too much about the people on it too. The idea M$ had to monitor all of your activity to "improve" Windows and nobody had any idea they were doing it UNTIL a hacker outed them. This is why I only use Keepass. I have it on a USB thumb drive and let it generate the passwords (16 characters) so I know the password will be hard to crack. I use the features in the software to paste in the passwords so no keylogger can see them or send them anywhere. I don't keep any sensitive data on any site anywhere. Of course all of this is useless if the site itself is not very security conscience. It is all null and void when the site send you your login, password, and all the security information to you in an email in plain text or save them on their servers in a plain text file. If you want a scary thought....what did you do with your OLD phone or computer? If you sold them to someone - every stitch of data you ever put on them CAN be retrieved from the hard drive or storage. Every email, every account number you had in anything on it, passwords, pictures, all of it. I know this for a fact from the people I know at the DOD. This is why they run ones and zeros over the entire drive a few times, grind it down, and melt it to prevent any data from being found. This is why I never use a pre-owned hard drive. If I bought it from Pete Pervert, his porn stash can still be retrieved. The funniest thing is the "Private browsing" on most newer browsers. All it does is not save the pages, cookies, or data on your computer where they are easily visible. Mostly so your spouse can't see where you went when online when you are "working". It doesn't stop the multiple servers the data flows through from logging them with all of your identifiable information contained in them. This includes everything you did, every place you went, and what sites you looked at. Now government and law enforcement are lobbying hard to pass laws to require software companies to provide them with a "back door" only they can use. This is in the interest of national security, of course, so they can just spy on the bad guys and stop terrorists. Not that they can't already do it, they just want it to be easier. They also want secret keys so they can decrypt any encryption method. If these laws pass, nothing will be "secure" except the criminals stuff who won't care to play by the rules anyway. Anyway, scary stuff...oops...my hat is getting hot, gotta go... Quote
stevesapps Posted October 17, 2016 Report Posted October 17, 2016 Thanks for the info, and I agree Mrclean, you make some good points. My tin foil hat has been glued to my head since the early Nineties, and I'm not taking it off for anyone hehehe. Quote
trv369 Posted October 17, 2016 Report Posted October 17, 2016 I think this link is relevant to this thread: https://haveibeenpwned.com/ Quote >>> Claim a bunch of free & easy coins here! Weekly payouts to your PP & PZ <<< http://i.imgur.com/P2Lr9Dl.gif
Guest mrclean0325 Posted October 18, 2016 Report Posted October 18, 2016 Thanks for the info, and I agree Mrclean, you make some good points. My tin foil hat has been glued to my head since the early Nineties, and I'm not taking it off for anyone hehehe. Mine has been on that long too! It started with a run in with the DOD; of all organizations. Even back then, they were scary as to what they knew and could do in the way of getting data you thought was destroyed or safe. My wife was at fault, she showed me a picture on Classmates of a woman who she thought I went to school with. She went to a different school though and we were at the site for a total of about 5 minute. Two days later I got a call from the DOD to meet me about my computer use and wanted to meet and discuss it. I thought it was a joke until they started reeling off details about me and my wife and strongly suggested it was in my best interest to meet them at a public place. To make a long and scary story shorter, the woman who my wife had me look at her picture started getting threatening and bizarre emails shortly after that - her husband was in the military so they called the DOD. Since I had been to the site and "fit the profile" - I was targeted. They knew EVERY site I had been to, how long I stayed, and quite a bit about me, my wife, most everything about us, and that was downright scary. Once they were satisfied we weren't the ones; I talked to the agents a bit and they shared what they could do with a computer to get the data extracted and how much they knew about what people did online. This was in the early '90s. What they can do now is even scarier. So if they can do it, so can the bad guys (or gals) out there and worse. In my years of being in high tech, I know these things to be true. They say the only computer safe from hackers is one in a safe at the bottom of the ocean, but that is not true since it can still be recovered...the matrix can suck at times! Brian Francis and stevesapps 2 Quote
stevesapps Posted October 18, 2016 Report Posted October 18, 2016 That's so messed up, but I know what you're saying to be true. The powers that be, hold all the power, and now they're not restricted by the old laws of privacy they can track and trace us not just digitally, but physically too. I used to be an activist, and have been trailed after meetings etc, and my life has changed and I'm no more active in protest of our rights, (as we have none now), and the time for rebellion has long passed as has democracy and human rights. I just feel sadness for the following generations that we have failed, as it's they who inherit our failures.Peace to you mate, and all the best. Quote
Monika Posted October 20, 2016 Report Posted October 20, 2016 Hmmmm that is why Drop Box asked to change my password back in September. I have used it for only a few years. I love it for its efficient way of handling things. and the fact that I can sync both my Laptops.I always have my guard up. Brian Francis 1 Quote SFI around the clock http://www.sfimg.com/SFIBanners/banner167.gif http://www.sfi4.com/17218189/REAL
smalpani7 Posted October 24, 2016 Report Posted October 24, 2016 Dropbox is a necessary evil for most of us Quote
John Lederer Posted November 25, 2016 Report Posted November 25, 2016 "...I would strongly suggest to change EVERY password on ANY account associated with your email address used at DropBox." That seems like over-kill to me. I wasn't a customer in 2012 so no worries here, but you should NEVER rely on another company to store your valuable data unlessthat is all they do. DropBox and other general cloud services are not that company. Be safe out there. GregDoesn't Dropbox JUST store data for their customers?? I am not aware they do anything beyond cloud storage.Have been a happy customer there many years. Brian Francis 1 Quote Warmest Regards,John LedererMarketer since 1995Online since 2000
Guest mrclean0325 Posted November 25, 2016 Report Posted November 25, 2016 You are correct, they cloud store data. Though people do store sensitive data, financial records, and various other important things in it. People also have the tendency to use the same username and password for many sites. If you used the same username and password for DropBox: as say your bank, PayPal, email accounts, etc. it would not be too hard for someone to find them and try the same combination to access the sites. I know a LOT of people who use the same username and password for EVERYTHING so they can remember it easily. Kinda like writing the password down and sticking under your keyboard or sticky taping it to your monitor. I even know businesses who do that too. If you really want to be scared, the next time you go to your bank or other important place where you feel your stuff is secure...ask to see the bottom of their keyboard and see how they react.... Quote
pf4edward Posted December 6, 2016 Report Posted December 6, 2016 After all of this, i'm going with owncloud. check it out here @ https://owncloud.org/features/ leaving DropBox behind. Quote
smalpani7 Posted December 10, 2016 Report Posted December 10, 2016 OMG... Such a reputed is so vulnerable. Quote
rpsmith Posted December 10, 2016 Report Posted December 10, 2016 Hi,Although this is not my site, I use them frequently to generate new passwords. Check them out: https://lastpass.com/generatepassword.php Quote Free Video Chat Service! Get Connected And Stay Connected!Click Here!
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.