13 of 20Image
Nvidia developer forums hacked, company investigates
Graphics unit maker Nvidia suffered a relatively minor security breach that affected the firm's developer forums. Coming only a few weeks after the LinkedIn, eHarmony, and Last.fm password debacles, by comparison the breach was not as bad as those who suffered breaches earlier.
The firm said that it had secured the hashed passwords with "random salt values" making it slightly more difficult for the passwords to be decrypted, but Nvidia still sent all of its forum users a temporary password that must be changed on first use.
Formspring password breach, mass password reset follows
Formspring was also next on the list of companies to be attacked and passwords stolen. As soon as the firm realized there had been a security breach, Formspring sent out an email to those affected asking them to change their password.
Around 420,000 password hashes were posted to a security forum, but username and other data were not submitted, making it almost impossible to do anything with. However, the form-based question firm used the SHA-256 algorithm to secure its user's accounts and passwords were hashed with random salts. Formspring now uses bcrypt in order to secure accounts even further.
August: Dropbox hacked (again…)
One of the world's most used cloud-storage services was attacked by hackers -- and not for the first time -- which led to spam messages being sent to email accounts used in some cases exclusively for Dropbox. The security community was quick to claim there had been a data breach, but Dropbox held off with any definitive answers for some days.
Eventually, the firm said that usernames and passwords stolen from other sites, such as LinkedIn, eHarmony, and Last.fm, were used to gain access to some Dropbox accounts. Along with this, a stolen password was also used to access a Dropbox employee's account with passwords as part of an internal project.
The firm then put in place additional security measures and has since implemented two-factor authentication, requiring two proofs of identity, such as those sent to your mobile device.