{"schema_version":"secwatch.filing_event.v1","accession":"0001467623-24-000024","form_type":"8-K","ticker":"DBX","cik":"0001467623","company_name":"DROPBOX, INC.","filed_at":"2024-05-01T23:59:59+00:00","discovered_at":"2026-05-14T18:03:18.542925+00:00","generated_at":"2026-06-03T02:41:14.415576+00:00","sec_items":["1.05","7.01","9.01"],"event_type":"cyber","sentiment":"negative","materiality_score":0.3,"calibrated_materiality_score":0.3,"confidence":"high","headline":"Dropbox reports unauthorized access to Dropbox Sign production environment affecting user data","bullets":["Threat actor accessed Dropbox Sign customer data including emails, usernames, phone numbers, hashed passwords, and authentication tokens.","Incident discovered on April 24, 2024; no evidence of access to account contents (documents/agreements) or payment information.","Dropbox believes the breach is isolated to Dropbox Sign infrastructure and did not affect other products like Dropbox cloud storage.","Company reset passwords, logged out users, rotated API keys and OAuth tokens, and notified law enforcement and regulators.","Dropbox states the incident has not had and is not reasonably likely to have a material impact on financial condition or operations."],"urls":{"canonical":"https://secwatch.observer/filing/0001467623-24-000024","json":"https://secwatch.observer/filing/0001467623-24-000024.json","markdown":"https://secwatch.observer/filing/0001467623-24-000024.md","text":"https://secwatch.observer/filing/0001467623-24-000024.txt","edgar_index":"https://www.sec.gov/Archives/edgar/data/1467623/000146762324000024/0001467623-24-000024-index.htm","edgar_primary_document":"https://www.sec.gov/Archives/edgar/data/1467623/000146762324000024/dbx-20240429.htm"},"model":{"generated_by":"deepseek-v4-flash:cloud@v2","generated_at":"2026-06-03T02:41:14.415576+00:00"},"review":{"review_status":"machine_generated","human_reviewed":false,"corrected":false,"correction_note":null,"correction_timestamp":null,"superseded_by":null,"related_filings":[]},"source_grounded_claims":[{"claim_id":"e9db353d38647a891e224e15d5018598726d3623","claim":"DROPBOX, INC. disclosed a cybersecurity incident: Unauthorized access to the Dropbox Sign (formerly HelloSign) production environment, accessing user data such as emails, usernames, account settings, and for some users phone numbers, hashed passwords, and authentication information. Impact: No evidence of access to user account contents or payment information; incident limited to Dropbox Sign infrastructure; no material impact on overall business operations determined. Company determined it not material. Discovered 2024-04-24.","evidence_excerpt":"On April 24, 2024, Dropbox, Inc. (“ Dropbox ” or “ we ”) became aware of unauthorized access to the Dropbox Sign (formerly HelloSign) production environment.","evidence_source":"SEC 8-K Item 1.05","evidence_url":"https://www.sec.gov/Archives/edgar/data/1467623/000146762324000024/0001467623-24-000024-index.htm","confidence":0.9,"family_label":"Cybersecurity Incidents","details":[{"label":"Nature","value":"Unauthorized access to the Dropbox Sign (formerly HelloSign) production environment, accessing user data such as emails, usernames, account settings, and for some users phone numbers, hashed passwords, and authentication information."},{"label":"Impact","value":"No evidence of access to user account contents or payment information; incident limited to Dropbox Sign infrastructure; no material impact on overall business operations determined."},{"label":"Materiality","value":"not material"},{"label":"Discovery","value":"2024-04-24"}],"fact_type":"cyber_incident"}],"license":"Source filings: public domain (SEC EDGAR). Summaries (headline + bullets): CC-BY-4.0; attribute https://secwatch.observer"}