#eSignature

Dropbox dropped the ball on security, haemorrhaging customer and third-party info

by

May 1, 2024 at 09:02PM Dropbox has disclosed a significant security breach affecting its eSignature service, Dropbox Sign. Unauthorized access exposed user data such as emails, usernames, and some authentication information. Fortunately, no evidence indicates access to user content or payment details. Dropbox assures that the incident has not affected its financials and is actively … Read more

DropBox says hackers stole customer data, auth secrets from eSignature service

by

May 1, 2024 at 06:24PM Hackers breached Dropbox Sign’s production systems, accessing authentication tokens, MFA keys, hashed passwords, and customer data. The company detected unauthorized access on April 24 and found that threat actors gained access to an automated system configuration tool, allowing them to access the customer database. Dropbox reset all users’ passwords and … Read more