A friend had his Dropbox cloud storage account hacked into a couple of weeks ago and lost a lot of data.
Depending on how actively you use the service, you might have:
- Marketing plans
- Financial accounts, business expenses
- Campaign data
- Business presentations
- Logins to various other online services like PayPal, affiliate network logins, business tools
So the idea that someone hacked into your account and made a copy of everything and/or wiped everything is a nightmare.
In a blog post, Dropbox has said its security systems weren’t compromised, but rather hackers used a list of logins and passwords obtained from other services and tried them on Dropbox and other websites. The lesson is that if you use the same login/email and password on your Internet banking/PayPal/Bitcoin account as you do on a Flash arcade site and the arcade site gets hacked into, then your accounts are very exposed.
The workaround for this is, sure, use that “SuperBaller” login and “Password123” password for throwaway sites. But you should use a unique password for each site, preferably containing a combination of upper and lower case letters and numbers. Note that some password storage services like LastPass may be vulnerable if you’re using the same login/password combination for those accounts too.
Once you’ve come up with something unique, you probably don’t want to have it sitting in your Google Drive or webmail account. Some might prefer to use a password storage app on their desktop or cell phone. Writing it in a diary (the dead tree kind) also works. Keeping multiple copies of the password in a locked drawer with your ID and bank documents also works well.
The other recommendation, to enable 2-factor authentication, is also a good one. This is where you need to authenticate yourself on a second channel (typically via email or mobile-based text message) when you’re adding a new machine or changing payment settings for some of your accounts. Lifehacker did a pretty good feature on 2-factor authentication (http://lifehacker.com/5938565/heres-everywhere-you-should-enable-two-factor-authentication-right-now). And you can also read Dropbox’s instructional post about enabling 2-factor auth for its services here (https://blog.dropbox.com/2014/10/have-you-enabled-two-step-verification/).
The more sensitive data for an Internet marketer will include:
- Banking/e-payment accounts
- Financial accounts – related to Bitcoin/crypto coins, stock, forex, options trading
- Affiliate network accounts
- Ad network accounts
Importantly, if you have accounts at game networks like Kongregate, Newgrounds, etc, you should use your throwaway account (unless you’re spending a couple of hundred bucks there each month, in which case, you might want to have your own special account too).
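To check your own accounts against the advice above, here is a small audit script, added as an example and not part of the original post. It groups accounts by login/password pair and flags any sensitive account whose credentials are reused anywhere else; the category labels, function names and the sample inventory are all constructed for illustration.

```python
import hashlib
from collections import defaultdict

# Categories the post lists as sensitive (the label strings are assumptions).
SENSITIVE = {"banking", "financial", "affiliate", "ad_network"}

# Constructed sample inventory: (site, category, login, password).
SAMPLE_ACCOUNTS = [
    ("paypal.example", "banking", "Me@example.com", "Password123"),
    ("flash-arcade.example", "throwaway", "me@example.com", "Password123"),
    ("affiliate-net.example", "affiliate", "me@example.com", "tR7vQ2mX9a"),
    ("ad-net.example", "ad_network", "me@example.com", "tR7vQ2mX9a"),
    ("forex.example", "financial", "me@example.com", "Zk4pW8nB1c"),
    ("game-one.example", "throwaway", "SuperBaller", "Password123"),
    ("game-two.example", "throwaway", "SuperBaller", "Password123"),
]


def fingerprint(login: str, password: str) -> str:
    """Short hash of the login/password pair so reports never show the password."""
    pair = login.strip().lower() + "\x00" + password
    return hashlib.sha256(pair.encode()).hexdigest()[:12]


def audit_reuse(accounts):
    """Return one finding per credential pair that a sensitive account shares."""
    groups = defaultdict(list)
    for site, category, login, password in accounts:
        groups[fingerprint(login, password)].append((site, category))

    findings = []
    for fp, members in groups.items():
        if len(members) < 2:
            continue  # unique credentials: a breach elsewhere cannot replay them
        exposed = sorted(s for s, c in members if c in SENSITIVE)
        shared_with = sorted(s for s, c in members if c not in SENSITIVE)
        if exposed:  # throwaway-only reuse is tolerated, as the post suggests
            findings.append(
                {"fingerprint": fp, "exposed": exposed, "shared_with": shared_with}
            )
    return findings


if __name__ == "__main__":
    for f in audit_reuse(SAMPLE_ACCOUNTS):
        print(f"{f['exposed']} share credentials with {f['shared_with'] or 'each other'}")
```

Run it on an inventory you keep offline; every site it reports needs a new, unique password.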
Losing access to stuff you do business with majorly sucks, so it’s better to be safe than sorry.