On October 13, 2014, a text file with approximately 400 email addresses and passwords were posted on www.pastebin.com. The message in the file claims that Dropbox was hacked and the 400 email addresses and passwords are just some of the 6,937,081 Dropbox users' credentials that were stolen. The anonymous person who posted the file claims that he/she will release more of Dropbox's users email addresses and passwords as more Bitcoins are donated.
A Part of the Text File That was uploaded to PasteBin.com
***** DROPBOX HACKED *****
6,937,081 DROPBOX ACCOUNTS HACKED
PHOTOS - VIDEOS - OTHER FILES
MORE BITCOIN = MORE ACCOUNTS PUBLISHED ON PASTEBIN
As more BTC is donated , More pastebin pastes will appear
To find them, simply search for "DROPBOX HACKED" and you will see any additional pastes as they are published.
FIRST TEASER - 400 DROPBOX ACCOUNTS Just to get things going...
SEND BTC DONATIONS TO 1Fw7QqUgzbns7yWHH32UnmMxmMMwu6MC6h
COME BACK AND CHECK PASTEBIN FOR NEW DROPBOX DROPS
THE MORE BTC DONATED WILL REFLECT HOW MANY MORE LOGIN AND PASSWORDS
ARE RELEASED PUBLIC.
START OF DROPBOX HACKED ACCOUNT LOGIN AND PASSWORDS
But, Dropbox hit back, claiming that the usernames and passwords in the file posted on www.Pastebin.com were not stolen from Dropbox and are claiming without a doubt that their servers were not hacked.
This is what Dropbox has to say about the email and password leak or hack:
Dropbox wasn’t hacked
Posted by Anton Mityagin on October 13, 2014
Recent news articles claiming that Dropbox was hacked aren’t true. Your stuff is safe. The usernames and passwords referenced in these articles were stolen from unrelated services, not Dropbox.
Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place to detect suspicious login activity and we automatically reset passwords when it happens.
Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on our account.