DropBox | Supplier Security

Product name

DropBox

Product url

http://www.dropbox.com/

ISO 27001 certified

yes

HIPAA certified

yes

SOC2 type1 certified

yes

SOC2 type2 certified

yes

Dataprotectionofficer contact

privacy@dropbox.com

Privacy page(s)

https://www.dropbox.com/privacy

Security page(s)

https://help.dropbox.com/security

Typically contains the following data

Non sensitive employee personal data
Sensitive corporate information

Compliance documentation

We don't have documentation available yet.

Suppliers

Not detected

Additional information

Security white paper here: https://aem.dropbox.com/cms/content/dam/dropbox/www/en-us/business/solutions/solutions/dfb_security_whitepaper.pdf

Known data breaches

1. Dropbox breach on 2012-07-01

Description

In mid-2012, Dropbox suffered a data breach which exposed the stored credentials of tens of millions of their customers. In August 2016, they forced password resets for customers they believed may be at risk. A large volume of data totalling over 68 million records was subsequently traded online and included email addresses and salted hashes of passwords (half of them SHA1, half of them bcrypt).

Records affected

68648009

Type of data leaked

Email addresses, Passwords

Source

Have I Been Pwnd?

Last verified

2024-01-22 12:02:45 UTC

Privacy and Security \ DropBox Not following