If you had a Dropbox account in mid-2012, your email address and password may be compromised.
Hackers obtained around 68 million email accounts at that time – and it was recently revealed that passwords were also at risk. The database was sent to Motherboard by the breach notification service Leakbase.
In a blog post, Dropbox wrote, "If you signed up for Dropbox prior to mid-2012 and haven’t changed your password since, you’ll be prompted to update it the next time you sign in."
The forced reset is a "purely preventative measure," according to the company.
You can check if your email address has been a part of a breach at haveibeenpwned.com.
The site reveals which data associated with your email has been compromised.
Change your Dropbox password here – and enable two-step verification if you haven't already.
While you're at it, add a PIN to your phone number.
Hackers can bypass two-factor authentication by providing your name and last four digits of your social security number to your mobile carrier. It's easy to add an extra layer of security to your phone number, and here's how to do it.