Last week’s request by one of the most popular cloud storage and data sharing services, asking users who created accounts before mid-2012 should be seen as a wake-up call. Not only does it show that the possibility of security breaches, the wait of about four years before performing a password reset on those accounts should not go unnoticed.
The issue which is receiving the most attention, with fairly good reason, is why passwords, especially if the same user name or email address is used, should be unique. It is all too common for users, even some professionals within the industry to be lazy and reuse passwords or a variation of the same one, which could make other accounts owned by that user vulnerable.
Another issue is that some accounts were successfully accessed, meaning that data could be potentially stolen or even altered by those gaining illegal access. If any data is altered it would then have been propagated back to any computer, the real owner of the account has reconnected back to the service.
If you are relying on backing up any changes to data and your account was one which was affected, it is important to ensure all computers attaching to the service are reconfigured using the new password. If this is not done, it could result in important data not being backed up, which if not noticed and a failure occurs to the computer, that data could potentially be lost and require data recovery services to access it.