Back in August, there were reports coming out which showed that there were 60 million account details that had been stolen from the popular online storage forum, Dropbox. The details that emerged showed that the hack was from a previous hack, but it was also indicated that the scale of the data breach was unknown at the time.
However, there has been a new development concerning the issue of the hacked accounts. Now anyone who wants the data can freely download it from the Internet. The data which was taken numbered about 68,680,741 accounts which all contained an email address plus a hashed password. On Monday, one security researcher known as Thomas White, or his other alias, The Cthluhu managed to upload a full dump of the data on his website. He claims that the move would be able to help the researchers better examine the breach.
Writing on his site about the data dump, White said that he was keeping the information public to help those researchers who could not get legit data to investigate from anywhere. White is known to have mirrored some previous large scale data breaches already. Some of the data leaks he has mirrored include the infamous Ashley Madison leaks which took place last year, some user accounts for Myspace and various other sites on the internet.
About 32 million pf the Dropbox passwords which were found on the data leak at least contained strong hashing function bcrypt which meant that the hackers are not going to get the passwords of most people easily, they would have to work for them. The rest of the passwords from the data dump seem to have been hashed with another algorithm, the SHA-1 method. They also seem to have been added with a salt thereby helping with their security and strengthening the end result. The dump does not include many of the salts which means hackers would have big problems trying to learn the true passwords.
A spokesperson for the company told reporters earlier that they had not yet seen any evidence in the malicious access of the accounts since the breach occurred. The breach is believed to have taken place back in 2012. The data hack came out after a data dealer was seen selling the Dropbox data files on the dark web for just $1,200.
Most if the data breaches have been widely reported long after they have already gone up for sale. During the summer period, revelations about many data breaches for many sites including m Myspace and LinkedIn were done.