The three breaches have continued to be a significant security issue for organizations around the world despite them being eight years old. In all three cases, the compromises began after phishing attacks were utilized against employees at each of the three companies. After infecting employee laptops with malware, Nikulin abused those employees’ access and VPNs to exfiltrate data from the corporate victim’s networks. All three breaches continue to be utilized by criminals in password spraying attacks against users of all kinds, from employees of corporations to major public figures. Often times utilizing a VPN to control remote access to corporate networks creates a false sense of security. While it does limit access to trusted devices, it does little to defend against trusted devices that have been compromised such as what happened in the case of these three companies. Endpoint Detection and Response (EDR) can help ensure that individual devices, including employee laptops, are monitored for compromises so that they can be blocked and remediation can take place before an attacker can exploit an employee’s access. Following major compromises, it is vital that potential victims change their passwords and use complex and unique passwords not only on the affected accounts but also on any other systems which users may have used a similar password. Multi-Factor Authentication (MFA) is still the best way to secure accounts from unauthorized access. More information on this incident can be found at https://www.zdnet.com/article/russian-hacker-found-guilty-for-dropbox-linkedin-and-formspring-breaches/