NEW YORK (CNNMoney) — A group of anonymous hackers claims to have stolen nearly 7 million Dropbox username and password combinations. But Dropbox denied that it was hacked.
The hackers have posted several hundred email addresses and passwords so far on Pastebin.com, releasing more logins as they receive more bitcoin donations.
“Your stuff is safe,” Dropbox said in a blog post. “The usernames and passwords … were stolen from unrelated services, not Dropbox.”
It’s not clear which service or services the passwords were stolen from. Some third-party apps allow people to manage their Dropbox files, but a Dropbox spokesman wouldn’t name any potential culprit.
It’s possible that some people used the same login information for Dropbox that they used for the third-party app.
Dropbox says it constantly monitors its accounts for suspicious activity, and it will reset customers’ passwords when necessary. It also advised customers to take steps to further protect their Dropbox accounts, such as creating a stronger password and using an extra security feature called two-step authentication.
