|
Since Monday night, October 13, 2014, there has been a debate about the theft of almost 7 million Dropbox account credentials. While Dropbox has issued a statement that they were not compromised and that the information was taken from other services, it is still an area of concern for Dropbox account holders, particularly for those who have used the same password across multiple online accounts.
What should you do?
To reduce your risk and protect your privacy, follow these guidelines for all of your accounts:
- Change your password when there is news that a service has been breached. Whenever there is any chance that credentials have been compromised, act quickly! Log in directly to the online service and change your password.
- Don’t fall for phishing messages that send you links to change your password. Report any suspicious email attempts to reset your Dropbox password or any other service to LTS Information Security (security@lehigh.edu) for evaluation.
- Use "Two-step Authentication" if possible. Like many services, Dropbox offers the option to use "something you have", such as your smartphone, to provide a second factor for authentication.
- Avoid using the same password across multiple accounts. If you use the same password for different Internet services and that password matches your Dropbox account password, change those as well and make each password unique. LTS Information Security can provide training and recommendations on best practices.
- If in doubt, contact us at the Help Desk (610-758-HELP) or email Information Security at security@lehigh.edu
What is LTS doing?
LTS Information Security will continue to monitor the situation and provide updates to the community as necessary. Please see the LTS Alerts on the Inside Lehigh page for continuing updates as they become available.
Sara Rodgers
Chief Information Security Officer
Library & Technology Services
610-758-2008
Keith Hartranft CISSP, PCI-DSS ISA & PCIP
Information Security & Policy Officer
Library & Technology Services
610-758-3994
|
