ShellCodeX Breach Report
Dropbox Data Breach
dropbox.com
Verified breach
Passwords exposed
Accounts exposed
68,648,009
Breach date
01 Jul 2012
Added to tracker
31 Aug 2016
Data classes
2
What happened
In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).
Exposed data
Email addresses
Passwords
Recommended actions
- Change your Dropbox password immediately, and update it anywhere you reused the same password.
- Enable two-factor authentication on the affected account and on your critical services (email, banking).
- Watch for targeted phishing emails referencing Dropbox โ attackers weaponise breach data quickly.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP