Dropbox suffered an intrusion into its systems, exposing sensitive data such as the passwords of users of its “Dropbox Sign” option.
The online storage service Dropbox has been the victim of a cyberattack. In A declaration to the American authorities, published on May 1, 2024, the company reports having suffered a computer hack, indicating that the hackers had access to sensitive information such as passwords.
Advertisement
The infiltration into the network first concerns the Dropbox Sign branch, an option that allows users to digitally sign documents. The hackers gained access to information about all Dropbox Sign users, including account settings, names and email addresses. For some customers, phone numbers, hashed passwords and authentication information were also exposed. Those who received or signed a document via Dropbox Sign – but never created an account – are also affected by this cyberattack. Nearly 15 million people have signed up for Dropbox's paid options.
Change your Dropbox passwords
The infiltration was reportedly detected on April 24. “ The actor compromised a non-human service account that was part of Sign's infrastructure, used to run automated services “, declared the company in a statement.
Dropbox will contact all affected users and is expected to take specific action. To help protect customer data, Dropbox said its security team has:
- Reset all user passwords,
- Disconnected users from all devices connected to Dropbox Sign,
- Changed all login tokens.
As a matter of principle, we recommend that you change your passwords if you have used Dropbox Sign in the past.
Advertisement