Dropbox reset users passwords for those who were registered from 2012, because they haven’t changed there passwords since 2012, following the discovery of a file containing hashed and salted passwords that were obtained in previous security breach.
Motherboard reported, that Dropbox suffered from security breach and were hacked in 2012, Hacker’s were able to dump 63 million usernames and passwords.
If you hadn’t changed your password since mid-2012, there’s not much reason to worry: since Dropbox forced a password reset on those accounts, the old one hackers found in the file wouldn’t be of any use. In addition, 32 million of the passwords were found to be strongly hashed using bcrypt, while the rest used the slightly weaker SHA-1 algorithm. The passwords had also been salted, i.e. appended with a random string of characters to obscure them further.
However, if you’re using the same email address and passwords on other services like Dropbox or social media sites then you might need to update these passwords. Those hackers can target other services from Dropbox data dumps because they already know about your old email address and passwords.
According to TroyHunt.com
I head off to my 1Password and check my Dropbox entry only to find that I last changed the password in 2014, so well after the breach took place. My wife, however, was a different story. Well it was partly the same, she too had an entry in the breach:
But here’s where things differed: