A representative from Dropbox told BuzzFeed News that its security has not been compromised following reports that the service had been hacked.
"Dropbox has not been hacked," a spokesperson for the company told BuzzFeed News. "These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well."
Still, Dropbox appears to have fallen victim to a potential leak that sits outside of its internal security. Snapchat last week said "illegal" third-party services were to blame for a massive leak of photos from its users. While Dropbox's own services may be secure, there are other potential ways of breaking into an account if it does not have a secure password or does not have two-factor authentication enabled.
As is the case with any potential leak, it is recommended that users change their passwords and enable two-factor authentication, an additional service Dropbox provides that prevents other people from logging into an account without credentials sent to the owner's phone.
Matthew Lynley is a business reporter for BuzzFeed News in San Francisco. Lynley reports on Silicon Valley and the tech industry.
Contact Matthew Lynley at firstname.lastname@example.org.
Got a confidential tip? Submit it here.