Dropbox confirmed Wednesday that a data breach discovered and disclosed in 2012 was bigger than previously known and according to one report could involve almost 69 million accounts.
The cloud-storage company said it reset the passwords last week of all affected users — people who signed up for accounts before the middle of 2012 and hadn’t changed their passwords since then. The company confirmed that more than 60 million accounts were affected. Vice’s Motherboard website earlier reported the figure.
“This is not a new security incident, and there is no indication that Dropbox user accounts have been improperly accessed,” Patrick Heim, head of trust and security at Dropbox, said in a statement. “We can confirm that the scope of the password reset we completed last week did protect all impacted users. Even if these passwords are cracked, the password reset means they can’t be used to access Dropbox accounts.”