Web

Dropbox user email addresses stolen: New security features added

dropbox-logo-large

Have you noticed an unusual amount of spam pouring into your email inbox? If so, you’re not alone. Dropbox revealed on Tuesday that, earlier this month, an untold number of the cloud storage service’s users reported receiving spam to email addresses only linked to Dropbox. The company says that it has contacted all users whose accounts were compromised, so if you haven’t received a notice, you should be in the clear.

The spamer-hackers were able to access Dropbox user emails in two ways, according to the company: First, “usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts,” wrote Aditya Agarwal, Dropbox’s vice president of engineering in a post on the company blog. Second, a “stolen password was also used to access and employee Dropbox account containing a project document with user email addresses.”

“We believe this improper access is what led to the spam,” wrote Agarwal. “We’re sorry about this, and have put addtional controls in place to make sure it doesn’t happen again.”

As Agarwal writes, these “additional controls” include:

  • Two-factor authentication, a way to optionally require two proofs of identity (such as your password and a temporary code sent to your phone) when signing in. (Coming in a few weeks)
  • New automated mechanisms to help identify suspicious activity. We’ll continue to add more of these over time.
  • A new page that lets you examine all active logins to your account.
  • In some cases, we may require you to change your password. (For example, if it’s commonly used or hasn’t been changed in a long time)

Agarwal goes on to warn users against using the same password across multiple online accounts — good advice, by any measure. Really, you should never, ever, ever use the same password for many accounts, since the hacking of one account means all other accounts using the same login credentials are also compromised. Agarwal recommends that users check out password protection tools like 1Password, which “can help you manage strong passwords across multiple sites.” Again, solid advice.

The leaked passwords were first reported by Sarah Perez of TechCrunch on July 17, after a number of international users began reporting the appearance of spam in their Dropbox-only email inboxes on the Dropbox forums. Within hours, Dropbox responded to its users, saying that it was “actively investigating your reports.”

Social Media

Tumblr promises it fixed a bug that left user data exposed

A bug on blogging site Tumblr left user data exposed. The company says that once it learned of the flaw, it acted quickly to fix it, adding that it's confident no data linked to its users' accounts was stolen.
Computing

Protecting your PDF with a password isn't difficult. Just follow these steps

If you need to learn how to password protect a PDF, you have come to the right place. This guide will walk you through the process of protecting your documents step by step, whether you're running a MacOS or Windows machine.
Computing

How to protect your iCloud account

From Chinese hacking to identity theft, it's not surprising if you're a little worried about your iCloud data. Here's how to protect your iCloud account with a few simple security steps. It will only take a few minutes, and we'll walk you…
Computing

Was your Facebook account hacked in the latest breach? Here’s how to find out

Facebook now reports that its latest data breach affected only 30 million users, down from an initial estimate of 50 million accounts. You can also find out if hackers had accessed your account by visiting a dedicated portal.
Mobile

Pixel 3, Home Hub, and Pixel Slate — our first look at all Google’s new devices

Google has taken the wraps off of a slew of new devices, including the Pixel 3 smartphones, Google Home Hub smart display, Google Pixel Slate tablet, and more. We were at the event, and took a ton of photos of all of Google's new products.
Music

Spotify vs. Pandora: Which music streaming service is better for you?

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.
Mobile

PayPal will soon let you withdraw cash at Walmart, but there’s a catch

PayPal has teamed up with Walmart to allow its account holders to withdraw and deposit cash at the store. The service launches at all Walmart stores across the U.S. in early November, but there's a catch.
Computing

Here's how to download a YouTube video to watch offline later

Learning how to download YouTube videos is easier than you might think. There are plenty of great tools you can use, both online and offline. These are our favorites and a step by step guide on how to use them.
Cars

Carbuying can be exhausting: Here are the best used car websites to make it easier

Shopping for a used car isn't easy, especially when the salesman is looking to make a quick sale. Thankfully, there are plenty of sites aimed at the prospective buyer, whether you're looking for a sedan or a newfangled hybrid.
Computing

How to recover Google contacts

If you accidentally deleted an important person from your Google Contacts, they might not be lost forever. Recovering them is a fairly easy process -- as long as you do it quickly. Here's how.
Computing

Afraid that Bitcoin could be a bubble? Here's how to sell what you've got

If you're investing in cryptocurrencies, it's important to have your exit strategy in place if prices start to crash. If you've decided it's time to get out or just want to learn how to sell Bitcoins, here's how to get started.
Computing

Don't take your ISP's word for it: Here's how to test your internet speed

If you're worried that you aren't getting the most from your internet package, speed tests are a great way to find out what your real connection is capable of. Here are the best internet speed tests available today.
Movies & TV

'Prime'-time TV: Here are the best shows on Amazon Prime right now

There's more to Amazon Prime than free two-day shipping, including access to a number of phenomenal shows at no extra cost. To make the sifting easier, here are our favorite shows currently streaming on Amazon Prime.
Computing

Your ‘Do Not Track’ tool might be helping websites track you, study says

New research from the "Do Not Track" features embedded in popular browsers are being ignored, opening up the possibility of consumers having their information targeted by specific ads based on their web histories and cookies.