Every single Dropbox user, whether they store anything important on there or not, should go and change their password and enable two-factor authentication immediately, because millions of Dropbox log-in credentials have been stolen via third-party sites. It looks like Dropbox isn’t have a good time of it lately.
According to users on Reddit several Pastebin files have been posted containing log-in information for some seven million Dropbox accounts. According to reports from The Next Bin, these details are meant to entice people into donating bitcoins to the leaker who has promised to reveal more user info.
A number of outlets originally reported that the service had been hacked, but according to Dropbox itself user details were stolen from other services. The company claims that the majority of the passwords posted have expired, and all the valid passwords posted have been expired since.
Regardless, this is a big thing and you should log on, change your password, and check the device list to make sure no unauthorised users have been peeking at your files. Make sure you’ve got two-factor authentication enabled as well, with these sorts of leaks happening more and more often it’s important you safeguard yourself.