Credential theft

Dropbox Credential Reuse Breach via LinkedIn (68M Accounts)

📅 2012-07-01
Primary Source

Incident Details

The Dropbox breach of approximately July 2012 originated from employee password reuse. A Dropbox employee had reused their LinkedIn account password for their corporate Dropbox work account. When the LinkedIn breach (also 2012) exposed that employee's hashed LinkedIn password and it was cracked, attackers used it to log into the employee's Dropbox account. Inside, they found a Dropbox document containing a database backup with hashed email addresses and passwords for approximately 68 million Dropbox users. Dropbox did not discover or disclose the breach until August 2016, four years later, when the data appeared on dark web trading sites. Dropbox force-reset all user passwords from before mid-2012 as a precaution. The breach is a canonical case study on the dangers of password reuse, the importance of MFA, and the risks of storing sensitive data in an employee's cloud storage account. It also demonstrated the downstream 'credential chain' effect: the LinkedIn breach created the conditions for the Dropbox breach.

Technical Details

Initial Attack Vector
A Dropbox employee reused their LinkedIn password for their Dropbox work account; when the 2012 LinkedIn breach exposed that password, attackers used it to log into the employee's Dropbox work account, which contained a document with hashed Dropbox user passwords.

Timeline

  1. 2012-07-01 Breach occurred
  2. 2016-08-30 Publicly disclosed
  3. 2016-08-30 Customers notified