Dropbox was the victim of a cyberattack that resulted in the theft of sensitive information, including passwords. Very bad news for users of this popular online storage service.
Large companies are prime targets for hackers because their users’ personal data is a gold mine. Suffice it to say that the online storage service Dropbox, which has more than 700 million users worldwide – 17.5 million of whom have subscribed to the paid version – is particularly coveted! Unfortunately, the platform announced in a statement have been the victim of a cyber attack. She discovered, on April 24, that a hacker had managed to penetrate the system of Dropbox Sign – a company formerly known as HelloSign which was acquired in 2019 and which allows electronic signing of documents. secure way online – and steal sensitive user information, including passwords.
Dropbox hack: what data is stolen?
To penetrate the system, the hacker used a compromised account “used to run applications and run automated services”which allowed him to access the “customer database”. He was thus able to steal information relating to all Dropbox Sign users, such as account settings, user names and email addresses. He also stole the phone numbers and passwords of some customers. Dropbox would like to point out, however, that the passwords were hashed, that is to say they were transformed into a complicated string of characters using hashing algorithms, in order to make them unreadable. Please note, Internet users who have used Dropbox Sign eSignature, to sign a received document for example, without creating an account may also be affected by this data leak.
After discovering the cyberattack, Dropbox immediately reset users’ passwords and logged them out of all devices linked to Dropbox Sign. Also, the next time they log into their Sign account, they will receive an email asking them to reset their password. The company has also updated all API keys and OAuth tokens, to prevent the hacker from exploiting the information in their possession, and will limit certain functions of the API keys while waiting for users to reset them. However, it recommends that users who do not use a unique password change it on their other accounts. As for those who use authentication applications like Google Authenticator to log into the platform, they are advised to reset them.
Dropbox hacking: what to do?
Dropbox wants to be reassuring. According to her, there is currently no evidence that the author of the intrusion was able to access the content of users’ accounts, their payment information or other parts of the IT infrastructure. The investigation is still ongoing and law enforcement and various regulatory agencies have been notified. Dropbox has begun contacting customers affected by the incident to advise them on what to do next.
This is not the first time the file hosting service has been hacked. Already in 2022, the company was faced with another security problem: a phishing campaign had targeted its developers, allowing hackers to access thousands of names and email addresses on GitHub (see our article) . Caution is therefore once again required, because the stolen information, even if it does not in itself allow Dropbox accounts to be compromised, can be used to carry out much more sophisticated phishing campaigns and thus obtain even more sensitive data. , such as identifiers or bank details.