Dropbox, Inc. disclosed a cybersecurity incident affecting the Dropbox Sign (formerly HelloSign) production environment through an SEC 8-K filing on May 1, 2024. This unauthorized access was first detected on April 24, 2024, and involved a threat actor accessing Dropbox Sign user information, including emails, usernames, phone numbers, hashed passwords, and certain authentication details such as API keys, OAuth tokens, and multi-factor authentication. The incident, believed to be limited to Dropbox Sign infrastructure without impacting other Dropbox products, prompted immediate security responses including password resets, user notifications, and coordination with law enforcement and regulatory authorities. Remediation efforts are underway, and while there has been no evidence of access to the contents of users' accounts or payment information, Dropbox acknowledges the breach has violated their standard of trust and is conducting a comprehensive review to prevent future incidents.