Dropbox
HighDropbox suffered a breach in 2012 exposing 68M records, including emails and hashed passwords.
- Records exposed
- 68,648,009 records
- Breach date
- Breach Jul 1, 2012
- Last update
- Updated Aug 31, 2016
What data was exposed?
Fields reported as compromised in this breach record.
Why does this breach matter?
In-depth analysis of the breach and its implications.
In July 2012, Dropbox experienced a security breach resulting in the exposure of user credentials from their database. The breach compromised over 68 million records containing email addresses and encrypted passwords—half hashed with SHA1 and the other half with bcrypt. The data remained undisclosed until August 2016, when Dropbox implemented proactive measures by forcing password resets for potentially affected accounts.
Impact Analysis
Understanding the scope and consequences of this breach.
- User Impact
- Users faced exposure of their email addresses and password hashes, increasing risk of credential stuffing.
- Business Impact
- Dropbox's reputation was affected, and it had to enforce password resets to mitigate user risk.
- Affected Sectors
- Technology
- Geographic Impact
- Global
What You Should Do
Recommended actions to take in response to this breach.
If You Were Affected
- •Change your Dropbox and similar service passwords.
- •Monitor accounts for unusual activity.
- •Enable two-factor authentication wherever possible.
Preventive Measures
- •Use a password manager to generate unique passwords for each account.
- •Enable two-factor authentication for added security.
- •Frequently review account permissions and activity logs.
Frequently Asked Questions
Common questions about this breach and what it means for you.