Newsroom

August 31, 2016

Dropbox hack leaked 68M passwords

Recent reports reveal the Dropbox data breach in 2012 resulted in the leaking of as many as 68 million customer passwords, but Dropbox told Forbes it does not believe any accounts were "improperly accessed."

Half of the passwords were protected by an algorithm called bcrypt, which Dropbox believes has protected them from being successfully used. The other half of the leaked passwords were protected by a weaker algorithm called SHA1, but Dropbox "salted" them by adding random data that should have made them more difficult to crack. The leaked data did not include information on the "salts."

Dropbox also said it has forced a password reset on users who had not already updated their passwords since 2012.

Forbes noted that simple passwords like "123456" would still be easy for hackers to find in the leaked data, highlighting the importance of strong password use.

NAFCU continues to call for lawmakers to move forward with H.R. 2205/S. 961, the "Data Security Act," which would set national data security standards and hold merchants accountable for breaches of consumers' sensitive and personally identifiable data.