Sign Up on MEXCDropbox Sign Hit With Massive Data Breach, Here’s What Happened
Highlights
- Dropbox Sign has suffered a major data breach
- Multi-Factor Authentication (MFA) data were carted away with
- Dropbox Sign is responding to the breach, claims no payment info was compromised
e-signature startup, Dropbox Sign confirmed there was a massive data breach by hackers who gained access and compromised sensitive customer information. The breach enabled the hackers to gain unauthorized access to a service account that was part of the product’s back-end.
What Happened and What Was Compromised?
According to a data breach notification published on Dropbox Sign’s website, the compromised account, described as a “non-human account used to execute applications and run automated services,” granted the attacker access to the production environment and, subsequently, the customer database.
The compromised database accessed by the hacker contained a selection of sensitive information, including customer emails, usernames, phone numbers, hashed passwords, general account settings, API keys, OAuth tokens, and Multi-Factor Authentication (MFA) details.
Surprisingly, there was a category of individuals who did not register for an account but received or signed a document through the service. These groups also had their email addresses and names exposed in the breach.
Dropbox Sign has, however, assured that, as far as it is aware, there is no evidence signifying that the attackers accessed customer account contents or payment information. Hackers are known to steal information to defraud, like the recent movement of $2.6 million to Tornado Cash by the Prisma Finance hacker.
Dropbox Sign Responds to Data Breach
In response to the data breach which was first discovered on April 24, Dropbox took immediate measures to mitigate the damage and protect user data. This included resetting user passwords and logging users out of all their connected devices to ensure the integrity of customer accounts.
Additionally, the company is coordinating the rotation of all API keys and OAuth tokens to prevent further unauthorized access. It has also reported the breach to law enforcement, and Dropbox Sign says it is committed to collaborating with authorities to investigate the incident.
In the meantime, Dropbox is reaching out to all users affected by the data breach to walk them through steps on how to further safeguard their data. The cloud storage platform says it is also reviewing the incident to prevent future recurrence.
It is yet to be seen the impact this will have on Dropbox’s value given the stiff competition among companies in the traditional financial and tech sectors.
- Donald Trump Petitions Supreme Court To Remove Fed Governor Lisa Cook
- Pi Coin Rises As Pi Network Implements Protocol v23 on Testnet
- Tether-Backed Plasma Stablecoin Blockchain Set to Launch on September 25
- Cathie Wood’s Ark Invest Backs Nasdaq-Listed Solmate To Launch $300M Solana Treasury
- REX-Osprey Spot Dogecoin and XRP ETFs Launch With Record Trading Volume
- Cardano Price Stays Above Ichimoku Cloud as Grayscale ADA ETF Approval Nears
- HBAR Price Prediction as SEC Approves Generic ETF Framework – Analyst Targets $1.80
- Toshi Coin Gains 57% in One Day: What’s Driving the Sudden Upside?
- Shiba Inu Price Set to Soar as Exchange Reserves Dive Amid SHIB ETF Chatter
- Pepe Coin Price Prediction as Whale Moves $25M From Robinhood- Is a Breakout to $0.00002 Next?
- XRP Price Prediction as Market Longs Hit 78% amid VivoPower Treasury Expansion Launch — Is $4 Next?
Why Trust CoinGape
CoinGape has covered the cryptocurrency industry since 2017, aiming to provide informative insights Read more…to our readers. Our journal analysts bring years of experience in market analysis and blockchain technology to ensure factual accuracy and balanced reporting. By following our Editorial Policy, our writers verify every source, fact-check each story, rely on reputable sources, and attribute quotes and media correctly. We also follow a rigorous Review Methodology when evaluating exchanges and tools. From emerging blockchain projects and coin launches to industry events and technical developments, we cover all facets of the digital asset space with unwavering commitment to timely, relevant information.
