Watchtower - Opera and Dropbox require a password change

I read two security buttetins that should be considered for Watchtower:

Opera server breach incident
https://www.opera.com/blogs/security/2016/08/opera-server-breach-incident/
In this article they wrote: "Earlier this week, we detected signs of an attack where access was gained to the Opera sync system".
They also wrote: "we have reset all the Opera sync account passwords as a precaution".

Dropbox Password Reset Required
https://www.dropbox.com/help/9257?oref=e
In the article you can read that "users who Signed up to use Dropbox before mid-2012, and Have not changed their password since mid-2012" must Change their passwords.

I think both issues should be added to Watchtower.

Comments

  • OLLI_SOLLI_S
    edited August 2016

    I am on Holidays and just have my small tablet with me, so I just had a quick look a tthe Dropbox article.

    There I read the reason why the pasword change is recommended:
    Our security teams are always watching out for new threats to our users. As part of these ongoing efforts, we learned about an old set of Dropbox user credentials (email addresses plus hashed and salted passwords) that we believe were obtained in 2012. Our analysis suggests that the credentials relate to an incident we disclosed around that time.

    So if a user has not changed his password since mid-2012, then he might be affected.
    And this should be the benefit of Wantchtower: 1Password can analyze the modification date of an entry and see when the Password was changed. So 1Password can recommend to change the Dropbox password if this is needed (if it is older than mid-2012).

  • sjksjk oversoul

    Team Member

    Hi @OLLI_S and @Bernfrin,

    Andrew has already commented about these in another discussion.

    Opera server breach incident

    See this post.

    Dropbox Password Reset Required

    See this post and ones after it.

    Cheers!

This discussion has been closed.