Under Review: 
No Review
Date Breach Made Public: 
July 17, 2012
San Francisco , CA
United States
California US
Records Breached: 


Breach Total Number: 
Year of Breach: 
Type of organization: 
Type of breach: 

Dropbox users began receiving spam from email sources posing as Dropbox.  Many users claim that Dropbox must have suffered a breach because email addresses they used specifically and solely for Dropbox were compromised.

UPDATE (07/20/2012): Dropbox investigated customer concerns of a data breach but could not find any evidence of an unauthorized intrusion or activity as of July 20.

UPDATE (07/31/2012): Dropbox has confirmed that some accounts were accessed by hackers. One of the compromised accounts was that of a Dropbox employee.  The employee's account contained a project document of user email addresses.  Dropbox required some users to change their passwords and increased their security by adding a two-factor authentication system, new automated mechanisms to help identify suspicious activity, and a page that allows users to monitor active logins to their accounts.