Security & Fraud

Hackers Have Field Day With 70M Dropbox Accounts

CyberScout

In hacking, as in politics, ruining people is considered sport. As noted by Business Insider on Wednesday (Aug. 31), login details tied to as many as 70 million users from Dropbox wound up being leaked across the web, and an old-age no-no — namely, that of password reuse — stands as the reason behind the latest infiltration.

The roots trace back several years for this new leak — in fact, back to 2012. That year, the company disclosed that unauthorized access to documents detailing email addresses had been permitted. The new ripples surfaced last week, said the storage company, where users who had not changed passwords since four years ago were mandated to change them as a “preventative measure,” and that came in the wake of the discovery that encrypted passwords also had been co-opted.

The tally stands now that as many as 70 million users have been bedeviled by the hack. And, said Business Insider, the genesis of the longstanding and widespread breach came as an employee used passwords across more than one site, which is a “big security no-no” and can compromise security. The best defense, as experts have noted in the past, is to have multiple passwords across multiple sites.

Business Insider also noted that users can check to see if they have been compromised via Have I Been Pwned?, which is a search engine that covers data breaches and hacks.

——————————

New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.

Click to comment

TRENDING RIGHT NOW