Dropbox: Base with email addresses was stolen from employee account

Last week, Dropbox launched an investigation into the spam messages received by users on their mailboxes associated with a Dropbox account. That's what they wrote today on the Dropbox blog .

“Our investigation revealed that logins and passwords recently stolen from other websites were used to sign in to some Dropbox accounts. We contacted these users and helped them protect their accounts.

The stolen login and password was also used to access the account of one of Dropbox employees, which contained a working paper with user email addresses. We believe that this unauthorized access has caused spam. We regret it, and added new security features to prevent this from happening again. ”
')
In this regard, Dropbox asks not to use the same password on different sites and enhances security measures:

• A couple of weeks will add two-factor authentication
• Add new mechanisms to detect suspicious activity.
• Add logging of all successful logins to your account.
• Sometimes you may be asked to change your password (if it is very simple or you have not changed it for a very long time.