“The next time you visit dropbox.com, you may be asked to create a new password. We proactively initiated this password update prompt for Dropbox users who meet certain criteria. Specifically, we’re prompting the update for users who:

Signed up to use Dropbox before mid-2012, and

Have not changed their password since mid-2012″

stated the announcement published by DropBox that confirmed the data breach occurred in 2012:

“We’ve confirmed that the proactive password reset we completed last week covered all potentially impacted users,” said Patrick Heim, Head of Trust and Security for Dropbox. “We initiated this reset as a precautionary measure so that the old passwords from prior to mid-2012 can’t be used to improperly access Dropbox accounts. We still encourage users to reset passwords on other services if they suspect they may have reused their Dropbox password.”