Hackers breached Dropbox back in 2012 and leaked more than 68 million user email addresses and passwords online. At the time, the hosting service only reported the leak of user email addresses, but not passwords. This fact only came to light when the database was obtained by security notification service Leakbase. The independent security researcher and operator of the data leak database verified the details of both his and his wife’s accounts.

68m Dropbox User Passwords Leaked Online

As a result, Dropbox sent out warnings to all users who had not changed their passwords since 2012, when it had about 100m customers. In other words, the data dump represents over 2/3 of its user accounts. At the time, the service had a good user data security practice by encrypting the passwords and upgrading the encryption to a more secure standard. However, 50% of passwords were still encrypted with the old standard at the time of the hack.

Apparently, the original breach resulted from the reuse of a Dropbox employee’s password on LinkedIn. The latter also suffered a breach, which revealed the password and thus allowed the hackers to enter Dropbox’s corporate network. The intruders then obtained access to the user database with encrypted passwords. The file-hosting company reset part of user passwords at the time, but didn’t reveal precisely how many.

Security experts reiterate that the hack once again highlighted the need for tight security, both at the user end and for the companies storing user data. While users must use strong passwords, enable two-step authentication and avoid reusing passwords, companies must take further steps to secure their databases – even with solid encryption practices, Dropbox still fell foul of password reuse.

Meanwhile, Dropbox claimed that there was no indication that Dropbox user accounts have been improperly accessed, pointing out that the credentials are user email addresses with hashed and “salted” passwords that were valid before 2012. The company explained that the scope of the completed password reset protected all impacted users.

Some specialists advise using a password manager in order to secure the scores of unique and complex passwords required to properly secure various login details. However, the latest attacks on such companies as Opera, which stores and syncs user passwords, and password manager OneLogin, have shown the dangers of using such a tool.

Apple is going to repatriate offshore profits to the US in 2017 through paying billions of dollars in deferred taxes to the US Treasury. Tom Cook provided a summary of Apple’s 2014 tax affairs, citing the Irish and US taxes as $400M each. He provisioned several billion for the US for payment as soon as Apple repatriated. However, this revelation came as a surprise due to Apple’s previous refusal to countenance such a move.

Apple Plans to Repatriate Billions to the United States

Apple is no different from many US multinationals, who have for decades been pooling their non-US profits outside of the US. Exploiting loopholes in the tax laws, tech giants can defer US taxes continually so long as income is not repatriated to the US. Apple’s cash held offshore is $214.8bn, which is the largest of any American company.

Apple was recently accused by the European Commission of receiving state aid from Ireland, and immediately took a decision to repatriate foreign profits. The European regulators claimed that Apple’s Irish-registered companies were allowed to pass billions of income untaxed. However, both Apple and Ireland have denied any wrongdoing and promised to appeal against the decision. In response, some American politicians called it a political attack.

Previously, Tim Cook had consistently said he would not repatriate Apple profits to the United States until it decreases the US tax rate, because today it would cost him 40% to bring it home, which is clearly not a reasonable thing. The matter is that Apple makes large provisions for US taxes in its annual report, which allows the company to claim that it has an effective tax rate of 26% – this is much higher than many other tech firms.

However, behind these accounting provisions Apple has made clear it is not going to repatriate profits and really pay these taxes while the current tax rate is maintained that high. In other words, its reported tax rate is just an accounting fiction.

A federal tax rate in the United States is 35% on corporate profits and is regarded one of the highest in the world. Moreover, businesses can also end up paying an additional 5% in local state taxes on top of it. In reality, loopholes in the country’s tax code allow US tech giants to aggressively defer tax payments until any income earned outside the country is kept offshore. This is how many multinationals achieve some of the lowest effective tax rates ever.