Dropbox is recommending to some users update the log in credentials for their account because a group of member emails and passwords may have been compromised.
The cloud-storage company said its security staffers learned that email addresses along with hashed and salted passwords may have been obtained by malicious actors back in 2012. At that time the company reported that user credentials had been stolen from other websites that were used to sign into Dropbox. Dropbox has started informing those possibly impacted via email prompting them to update their user credentials.
“Based on our threat monitoring and the way we secure passwords, we don't believe that any accounts have been improperly accessed. Still, as one of many precautions, we're requiring anyone who hasn't changed their password since mid-2012 to update it the next time they sign in,” the company wrote.