Ransomware

Dropbox Data Breach Impacts All E-Signing Service Users

The threat actor accessed data related to all users of , company's SEC filing said

by Mihir Bagwe May 2, 2024 in Cybersecurity News, Firewall Daily Reading Time: 3 mins read 0

593 SHARES 3.3k VIEWS Share on LinkedInShare on Twitter

and company Dropbox disclosed a security breach that resulted in an unauthorized access to sensitive information, including passwords and other authentication information.

Dropbox revealed that the breach targeted its production environment, specifically impacting Dropbox Sign, formerly known as HelloSign, a platform for digitally signing documents, in an 8-K filing with the U.S. Securities and Exchange Commission.

“The actor compromised a service account that was part of Sign's back-end, which is a type of non-human account used to execute applications and run automated services. As such, this account had privileges to take a variety of actions within Sign's production environment. The threat actor then used this access to the production environment to access our customer database.

The accessed information pertains to all Dropbox Sign users, encompassing account settings, names and emails. For some users, additional data such as phone numbers, hashed passwords and authentication information like keys, tokens and multi-factor authentication were also compromised.

“From a technical perspective, Dropbox Sign's infrastructure is largely separate from other Dropbox services. That said, we thoroughly investigated this risk and believe that this incident was isolated to Dropbox Sign infrastructure, and did not impact any other Dropbox products.”

While forensic investigators are engaged and law enforcement notified, regulatory agencies are being informed based on the presumption of personal information access.

Dropbox has initiated steps to mitigate the impact of the breach, including rotation of OAuth tokens and generating new API keys for customers with API access to Dropbox Sign. Certain functionalities will remain restricted until API keys are rotated, Dropbox said.

User notifications are underway, with Dropbox reaching out to affected users and providing guidance on necessary actions. The company expects all notifications to be completed within the next week.

Although Dropbox does not anticipate a significant impact on its operations or financial condition, it acknowledges potential risks, including litigation, changes in customer behavior and heightened regulatory scrutiny.

This Dropbox incident marks another security challenge for the file sharing giant, following a phishing campaign in 2022 that targeted its developers, resulting in unauthorized access to company GitHub accounts and sensitive information.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button