Dropbox reports unauthorized access to Dropbox Sign production environment affecting user data

DROPBOX, INC.

Threat actor accessed Dropbox Sign customer data including emails, usernames, phone numbers, hashed passwords, and authentication tokens.
Incident discovered on April 24, 2024; no evidence of access to account contents (documents/agreements) or payment information.
Dropbox believes the breach is isolated to Dropbox Sign infrastructure and did not affect other products like Dropbox cloud storage.
Company reset passwords, logged out users, rotated API keys and OAuth tokens, and notified law enforcement and regulators.
Dropbox states the incident has not had and is not reasonably likely to have a material impact on financial condition or operations.

Key facts

Extracted from this filing and checked against the source text.

Cybersecurity Incidents SEC 8-K Item 1.05 confidence 0.9

DROPBOX, INC. disclosed a cybersecurity incident: Unauthorized access to the Dropbox Sign (formerly HelloSign) production environment, accessing user data such as emails, usernames, account settings, and for some users phone numbers, hashed passwords, and authentication information. Impact: No evidence of access to user account contents or payment information; incident limited to Dropbox Sign infrastructure; no material impact on overall business operations determined. Company determined it not material. Discovered 2024-04-24.

Nature: Unauthorized access to the Dropbox Sign (formerly HelloSign) production environment, accessing user data such as emails, usernames, account settings, and for some users phone numbers, hashed passwords, and authentication information.
Impact: No evidence of access to user account contents or payment information; incident limited to Dropbox Sign infrastructure; no material impact on overall business operations determined.
Materiality: not material
Discovery: 2024-04-24

Exact text from the filing

On April 24, 2024, Dropbox, Inc. (“ Dropbox ” or “ we ”) became aware of unauthorized access to the Dropbox Sign (formerly HelloSign) production environment.

View on SEC.gov

2 cybersecurity incidents filed in the last 30 days. Browse all cybersecurity incidents →

DROPBOX, INC. filing history →

Source: SEC EDGAR

accession 0001467623-24-000024

view filing index on sec.gov

view primary document

Machine-readable: JSON · Markdown · Plain text

This headline and bullets were generated automatically by deepseek-v4-flash:cloud@v2 from the public filing. Read the source on SEC.gov before relying on any specific claim. Not investment advice. See methodology for how this pipeline works.