Home / Early Warning / Cybersecurity Highlights / Published list of Dropbox users and passwords

Published list of Dropbox users and passwords


An anonymous user has published in Pastebin a list of a few hundreds of Dropbox user and password pairs. This user claims having obtained a total of 7,000,000 credentials, which would be published in case of receiving enough Bitcoin donations. Several Reddit users have confirmed that some of the published credentials are working.

Subsequently, Dropbox has published a post denying that they have been hacked, and stating that the published credentials would have been stolen from services not related to their system. Nevertheless, Dropbox has reset the passwords of all accounts in which they have detected suspicious logins. In addition, they claim that part of the published credentials do not correspond to Dropbox users.