The Great DropBox Hacker Scandal: Keep Calm and Carry On!

The Great DropBox Hacker Scandal
Lynn Serafinn tells how to keep your DropBox account secure, and suggests ethical, responsible ways to respond to hackers and other blips in cyberspace.

Yesterday, there was a big buzz on social media suggesting that DropBox, the preferred cloud storage service for so many of us, had been hacked.

Before I say anything more, let me assure you:

Nobody hacked into DropBox.

Some unscrupulous person(s) stole a few hundred expired DropBox user names and passwords from someone else (not DropBox, apparently). They then shared them on the popular bookmarking site Reddit, with a promise to share millions more if people gave them money.

Yes, I know. It sounds insane.

When the alarm went out, DropBox was quick to respond, explaining that the usernames and passwords ‘were unfortunately stolen from other services and used in attempts to log into Dropbox accounts’. They went on to assure users that the passwords shared were all expired and useless.

The bottom line of all this:

DropBox itself was NOT hacked and there is no imminent threat to DropBox users.

I thought I’d get that out of the way as quickly as possible.

Nonetheless, as soon as the words ‘DropBox’ and ‘hacked’ leaked into the social net, people went into a panic. Many on Twitter, Facebook or in blog comment threads used it as an opportunity to ‘dis’ DropBox in favour of other cloud platforms. Others worked themselves into paranoia about the safety of cloud storage altogether.

Not Catering to Hacker Mentality

I can’t pretend to understand the mentality of a hacker, and I’m sure different hackers are motivated by different things. For example, in this scenario, they may have been targeting DropBox specifically, or they may have merely seized a random opportunity that presented itself. Regardless of their specific motivations, the one thing I’m certain every hacker desires is viral public reaction. As far as they’re concerned, the more panic they create, the better.

What’s interesting is that such panic often causes as much (or more) harm as the actual ‘attack’ (depending upon the extent of the attack, of course). An imagined threat can be just as powerful a force as a real one. To see an example of this, we only need to think back to the late 1990s when many people were hoarding food, household products and even guns in fear of the so-called Y2K doomsday, when the world of technology was supposed to end.

Cyber-terrorism is both unethical and irresponsible; the ends will never justify the means, especially when millions of people depend upon technology for their livelihood in one form or another. Even if hackers are trying to make some sort of idealistic or political statement, their actions can never be considered acceptable, as their ultimate aim is to create widespread social disturbance.

But no matter how destructive hackers are, I believe we, the public, have a duty of care when responding to such ‘attacks’, whether real or imagined. Even if hackers are unethical and irresponsible, it is up to us to respond to hackers ethically and responsibly.

What do I mean by that? I mean we should respond to cyber-attacks the same way we would respond to a natural disaster or other catastrophe:

  1. We take proper precautions to ensure our own safety.
  2. We don’t spread rumours without knowing the facts.
  3. We don’t contribute to public panic by allowing our own fear or anger to take over.

It’s not about being kind and understanding to hackers. It’s about being personally and socially responsible. Let’s walk through these three steps as they apply to the DropBox ‘scandal’.

How to Ensure the Safety of Your DropBox Account

Many times, when someone’s online account or blog gets hacked, it’s partially because they didn’t take the right precautions. Their passwords were too easy to guess (usually because they wanted to remember them) and they didn’t set up any extra security on their site or account. Last year, I wrote an article on ways to prevent your blog from getting hacked. After all, as the old saying goes, ‘An ounce of prevention is worth a pound of cure.’

This adage is no less relevant when it comes to cloud storage. Ensuring the safety of your DropBox account is really easy, as long as you take these precautions:

  1. Log into your DropBox account ONLINE ( and change your password. Be sure it’s a COMPLEX password that includes upper/lowercase letters, numbers and at least one symbol (such as ?!$, etc.). Do not use whole words or sequential number patterns.
  2. After you change your password, go to your account settings and enable the ‘2-step verification’ process. This extra step will require you to enter a verification code (DropBox will text this code to your mobile phone) when you log into a new device for the first time. This means no one else will be able to log into your account unless they have your mobile phone. You can also enter a backup phone number to use in case the other one gets lost or stolen.
  3. Change your password regularly (at least every couple of months). If you haven’t changed it since the recent ‘scare’, do it now, just in case. It’s not going to hurt anything.

Some people worry the 2-step verification will make it hard to access DropBox, but this is not the case. If you have downloaded DropBox onto your computer, you will still be able to access all your files from your documents list without having to log in. The log-in and verification are only used when you or someone else tries to access your account via the DropBox website (as a hacker would have to).

Don’t Spread Rumours without Knowing the Facts

Now let’s look at the wider issue of personal and social responsibility in the face of cyber-invaders.

It’s so tempting (and easy) to ReTweet and share things we see in cyberspace. But if we share things based solely upon the headlines without checking the facts behind them, we could unwittingly be giving strength to hoaxes and contributing to public frenzy.

Photos can be ‘visual rumours’ just as much as words can be verbal ones. Recently, one of my colleagues on Facebook exposed viral photos of alleged public disasters, all of which seem to have the same people in them. I remember back when Hurricane Sandy hit the shores of New Jersey, thousands of people on Twitter and Facebook passed around an ominous image that was allegedly a photo of the eye of the storm, when it was actually a still shot from a Hollywood disaster film. I have no idea who started the ‘practical joke’, but I don’t find this kind of noise particularly funny or helpful when so many people were in such genuine danger.

One of the main reasons I assured you DropBox had NOT been hacked right at the top of this article is that I know people often scan what they read online and then repeat what they’ve scanned. If I didn’t cut to the chase quickly, many people might have clicked away in a big panic and given energy to the rumour by passing around half-truths. It was better to nip the rumour in the bud, and explain the details after.

Don’t Allow Your Fear or Anger to Take Over

Hackers are like arsonists: they light the ‘fire’ and get excited when it goes out of control and creates a panic. When we allow our emotions to get out of control online, we’re only adding fuel to that fire, and giving greater satisfaction to the hacker. Really, the best way to diffuse a hacker (after you’ve put your technical precautions in place) is to ‘keep calm and carry on’.

It’s natural to feel violated when someone hacks into our account, and it’s difficult not to feel outraged. But if we allow our fears and anger to get the best of us, we’re bound to say things that contribute to other people’s fear and anger in a less than constructive way.

For example, the vast majority of the blog comments left on the articles I read about the DropBox issue blurred the issue and created a lot of irrelevant ‘noise’. Buried amidst all the shouting were a few useful comments, but I had to trawl through a lot of pointless venting and opportunistic spamming before I found them. While there’s nothing categorically wrong with people expressing their feelings, it was entirely misdirected: rather than attack DropBox and ‘the cloud’, they should have been angry at the hackers. Thus, I felt most of the commentary to be irresponsible, as it only served to distort the facts and contribute to public panic.

Expressing our emotions in a reckless way online (whether in words or images) can unsettle emotions in others. I cannot count the number of times (especially on Facebook and YouTube) I’ve seen someone post a provocative statement, video or image, only to result in a mud-slinging match of nasty, personal insults and even racists remarks. A few years ago, a good friend of mine sent me a photo he had seen, because he found it disturbing and didn’t know what to make of it. This photo depicted an atrocity being performed by a group of people from a specific ethnic group. Even though it was immediately apparent to me that this photo was a fake and had been doctored in Photoshop for the purpose of creating feelings of hatred toward that ethnic group, it upset me. In fact, I still feel sickened when I think of it.

But here are the big questions: How many others had shared this photo before (and after) my friend had shared it with me? How many of them felt anger boil inside them at the apparent atrocity they saw in the photo? How many of them had silent thoughts of bigotry (or at least racial stereotypes), as a result of seeing it? How many of them actually spoke these thoughts aloud? What really happened as a result of this fake picture? My guess is that, sadly, far more people became angry at the ethnic group than at the creators of the fake photo. Again, it’s a case of misdirected emotions.

When we express our thoughts and emotions in a socially responsible way, we stop the cycle of lies, hatred, snap judgements and destructiveness. When we take time to discern fact from fabrication, and give some forethought to the impact we’re likely to create by our responses, we start to quell the fires of the cyber-arsonists. We become conduits for useful information. We inspire respectful debate. We invite others to share their insights and we encourage collaborative problem-solving.

In short, when we make the choice to engage in constructive dialogue rather than succumb to the wildfire of a viral rant, we become living examples of all the 7 Graces:

7 Graces and 7 Deadly Sins of MarketingClosing Thoughts

I started this article talking about the supposed DropBox ‘hack’. While I hope the tips I’ve shared are useful to you in protecting your account, I hope you will consider some of the points I made about how we respond to hackers and other online ‘scandals’.

It really is a matter of choosing whether we want to be part of the problem or part of the solution.

If you’re a regular reader of this blog, I’m sure you’re the latter. If so, I invite you to subscribe so you can receive our twice-weekly articles, and join us in our ever-evolving 7 Graces community on Facebook.

Warm wishes,
Lynn Serafinn
15 October 2014

Like this blog?

Then please subscribe using the form at the upper right side of this page, so you can receive our articles to your inbox.

KINDLE users

You can help subsidise ethical marketing training courses for young social entrepreneurs in need. Just subscribe to the blog on Amazon for 99 cents a month (77p UK), and you’ll receive all our articles delivered directly to your Kindle device. All profits go to our 7 Graces Scholarship Fund. You can take a 14-day free trial before you decide. You’ll get a new article 2 or 3 times per week. Check it out at Amazon US or Amazon UK.

Looking for a Tribe?

Come join our 7 Graces group on Facebook, and join us at our monthly meetings. They’re free to attend and we have them both in person and online, so you can participate from anywhere in the world. This is NOT a “business group” but an active community where people actually know and support each other.

Find out more about how changing the paradigm can help make the world a better place:

The 7 Graces of Marketing BOOK COVER The 7 Graces of Marketing: how to heal humanity and the planet by changing the way we sell, by Lynn Serafinn, where you can learn how the 7 Deadly Sins and the 7 Graces impact the world through media and marketing. Brit Writers Awards Finalist eLit Book Awards Silver Medal in Humanitarian & Ecological Social Issues


Tweep-e-licious: 158 Twitter Tips & Strategies for Writers, Social Entrepreneurs & Changemakers Who Want to Market Their Business Ethically by Lynn Serafinn, which can help you learn how to create meaningful collaborations through Twitter and other social media. eLit Book Awards Bronze Medal in Business and Sales.

Get instant access to a free 90-minute Twitter marketing class at

The Social Entrepreneur's Guide to Successful BloggingComing later in 2014

The Social Entrepreneur’s Guide to Successful Blogging: An Effective, Creative & Ethical Way of Marketing for Visionaries & New Paradigm Business Leaders. To receive an update when that book is available, just click here. As a thank-you gift for showing your interest, you’ll get instant access to an exclusive, free 5-page PDF revealing the exact same blogging template we use with our clients and we teach to participants on the ethical marketing training courses at the 7 Graces Project.

Lynn Serafinn author of The 7 Graces of Marketing LYNN SERAFINN, MAED, CPCC is a certified, award-winning coach, teacher, marketer, social media expert, radio host, speaker and author of the number one bestseller The 7 Graces of Marketing — How to Heal Humanity and the Planet by Changing the Way We Sell and Tweep-e-licious! 158 Twitter Tips & Strategies for Writers, Social Entrepreneurs & Changemakers Who Want to Market their Business Ethically. She is listed in the Top 20 of the Top Marketing Authors on Twitter by Social Media Magazine and was a finalist for the prestigious Brit Writers Awards. She also received the eLit Book Awards Silver Medal in Humanitarian and Ecological Social Affairs, as well as the Bronze Medal in Business and Sales. Lynn’s eclectic approach to marketing incorporates her vast professional experience in the music industry and the educational sector along with more than two decades of study and practice of the spirituality of India. Her innovative marketing campaigns have produced a long list of bestselling non-fiction authors through her company Spirit Authors.

Lynn is also the Founder of the 7 Graces Project CIC, a not-for-profit social enterprise created to train, support, mentor and inspire independent business owners to market their business ethically, serve society and planet, and restore all that is best about humanity.

7 Graces Project CIC




This entry was posted in 7 Graces, Business Tips, Collaboration, Inspiration, Invitation, Lynn Serafinn, Marketing Tips, New Paradigm, News, Relationship with Others, Social Media, Twitter and tagged , , , , , , , , , . Bookmark the permalink.