Hackers now-a-days targeting the users’ online accounts instead of credit or debit cards hack, don’t know why, but these hacks are being done on a large scale. Recently, Hackers posted nearly 7 Million dropbox users’ account credentials online, and this was claimed at that moment, but later various sources reported about the hack—IT is Real.
After the news came out, Dropbox reportedly started doing research on the hack, and later it is confirmed by the Anton Mityagin, a security engineer for Dropbox, that The Dropbox system are secure and these leaks are the result of any 3rd Party service hack, which users use to sync the dropbox users’ data.
Well, if a Hacker not able to hack the genuine place or stuff like in the Dropbox Hack, then he/she will go on to the 3rd Party Flaw, by which the targeted user account will be hacked, who uses that vulnerable 3rd Party service app or services.
Recently leaked pictures from the Apple iCloud server also seems to an example of a 3rd Party hack, as Apple too later confirmed about the hack, that it is not connected to the iCloud Services, It could be a 3rd Party hack or a phishing attack.
One of the person on the social site reddit, says that their are a total of 6,937,081 accounts whose credentials leaked online. Users on Reddit too confirmed the credentials by logging in and found many of them working.
Mityagin said that the attacker in this case used the stolen credentials across a variety of websites, with Dropbox just one of them.
Dropbox has certain security measures in effect that could pinpoint any suspicious attempts to log-in, with an automatic response of resetting the account’s password when such activity is detected, he added.
“Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services,” Mityagin said.
It is also recommended by the Dropbox that— users should use two-step verification system for their accounts.
“It’s a shared responsibility — the providers’ responsibility is to protect the service, but the users’ responsibility is to protect their credentials,” said Adallom senior vice president Tal Klein. “Every time you put data in the cloud, you need to do a quick summation of how valuable the data is and how it should be protected.”
Please check for your account if it is hacked, because it is not a Geo-targeted attack and anyone from the world could be the victim of the attacker, in fact me too.