"Security Breach Exposes Dropbox Sign Users"

Dropbox has disclosed a significant breach of its systems that exposed customer data to unauthorized parties. The incident, detailed in a new regulatory filing, primarily affected Dropbox Sign, a service similar to DocuSign that lets users manage documents online. According to the company, management became aware of the breach on April 24 and promptly began its incident response.

The investigation found that the attackers accessed a range of user data, including email addresses, usernames, phone numbers, hashed passwords, and authentication material such as API keys and OAuth tokens. The company said it has authentication controls in place to stop criminals from accessing systems or accounts even when they hold stolen credentials, but noted that theft of authentication data such as tokens and certificates can allow those controls to be bypassed entirely. Additionally, Dropbox stated that even people who interacted with Dropbox Sign without creating an account had their information compromised.

The company said it found no evidence that the contents of users' accounts or payment information were accessed, and that the attack appears to have been contained within the Dropbox Sign infrastructure, leaving other Dropbox products unaffected. The breach reportedly stemmed from a compromised service account in Dropbox Sign's backend, which gave the attackers access to the customer database.

In response, Dropbox has reset passwords, logged users out of connected devices, and rotated API keys and OAuth tokens. The company plans to contact affected users with instructions for securing their data. The investigation is ongoing, and Dropbox has promised further updates as they emerge.


Infosecurity Magazine reports: "Security Breach Exposes Dropbox Sign Users"

Submitted by Adam Ekwall on