If users signed up to use Dropbox before mid-2012 and have not changed that password since then, they will need to update their password, according to Dropbox.
Motherboard reports that it got its hands on files containing the e-mail addresses and hashed passwords for the data set through what the publication says are sources in the database trading community.
Plus, those affected can expect to be prompted to update their password the next time they visit dropbox.com.
Dropbox says this is all purely preventative. It has seen no indication that accounts have been improperly accessed.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now