Data Breach

Dropbox Data Breach

68.0M records exposed • July 2012

A Dropbox employee used the same password at LinkedIn and Dropbox. When LinkedIn was hacked, attackers used that password to break into Dropbox and steal 68 million accounts.

What Happened

Dropbox was breached in 2012 but the full extent was not known until 2016 when the data appeared for sale online. The breach originated from a Dropbox employee reusing their LinkedIn password.

Attack method: Credential stuffing from LinkedIn breach

What Data Was Exposed

Email addresses, Hashed passwords

Is your business exposed?

What to Do If You're Affected

1.
Change your Dropbox password
2.
Never reuse passwords across services
3.
Use a password manager

Lessons for Businesses

• Password reuse by employees can compromise entire companies
• Breaches may not be fully understood for years
• Employee security training is critical

Sources

https://www.troyhunt.com/the-dropbox-hack-is-real/

Related Breaches

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required