Attackers Breach DropBox Sign Production Environment Accessing Login and Authentication Info

June 12, 2024

In April 2024, Dropbox reported a significant security breach involving its Dropbox Sign service, formerly known as HelloSign. The breach occurred on April 24, 2024, when a hacker accessed the production environment of Dropbox Sign through a compromised service account. This account, used for automated system configurations, allowed the attacker to infiltrate the system and access sensitive customer information.

The compromised data included email addresses, usernames, phone numbers, hashed passwords, account settings, and authentication information such as API keys and OAuth tokens. Importantly, while user data was accessed, there is no evidence that the contents of users' documents or their payment information were exposed. According to Malwarebytes, this breach was limited to the Dropbox Sign infrastructure, leaving other Dropbox services unaffected. However, people who never created a Dropbox Sign account but received or signed a document through Dropbox Sign also had their email addresses and names exposed.

In response to the breach, Dropbox has taken several security measures. The company has reset all users' passwords, logged out all connected devices, and initiated the rotation of all API keys and OAuth tokens. For users with API access, Dropbox has required the generation of new API keys and temporarily restricted some functionalities. Additionally, the organization has hired forensic investigators to continue the investigation, and it has reported the incident to law enforcement and regulatory bodies to comply with data protection regulations.

Dropbox is also in the process of notifying all affected users. Should you receive a notification that your information was accessed, be sure to reset your password using at least eight characters including a good mix of letters, numbers, and special characters. In addition, enable multifactor authentication if it’s available to you.


Wanted! Nighttime Bandit Steals PII Using Google Ads

Scams & Phishing

Users who are searching for popular software have recently become the targets of malvertising which leverages Google Ads to install Trojan versions of Raccoon Stealer and Vidar. These malware versions are sneakily hidden within Google advertising (you know, those advertisements you see on the side of your browser window or plastered all over social media). This bandit, if clicked, will then proceed to install malware on your device. Guardio Labs has dubbed this "MasquerAd." Clever, isn't it?

How To Create A Strong And Unique Password For Every Account

Education

Most of us know by now not to use the same passwords for different accounts, yet some of us still do. But users who continue to use passwords they know have been exposed in a hack are truly flirting with danger. In a recent study, Google found 1.5% of passwords are still being used despite those users knowing they’ve been compromised. A security researcher discovered more than 22 million unique passwords and over 770 million email addresses were made public on a popular hacker forum earlier this year.

Common Signs Of Phishing To Keep In Mind When Your Inbox Overflows

Scams & Phishing

With email phishing, deciphering what’s real from what’s fake can be a challenge. Our inboxes are stuffed with emails fighting to get our attention and get us to take some action. But ferreting out what’s legitimate takes some cyber-smarts. Research shows email is the primary method of spreading 92% of all malware, and the U.S. is the target of 86% of all email phishing attacks. Whether at home or at work, email phishing is relentless, but being aware of the characteristics phishing emails have in common can be a powerful tool.

Credential Phishing Targets Hospital IT Desks

Corporate Security

Socially engineered attacks end with nothing social about them. In fact, some say a better name would be "anti-social attacks." Names aside, the attacks aim to exploit human trust while tricking people into divulging their personally identifiable information (PII) in ways that benefit an attacker. These tactics are posing a significant threat to data security and privacy. The American Hospital Association (AHA) shares its knowledge about how these social engineering attacks are making the rounds at hospital IT help desks.

Shut The Door! Don't Leave Your Network Open To Account Takeovers

Corporate Security

If your company is like most, it has seventeen sets of login credentials floating around online. According to a study by Arctic Wolf, those credentials exposed in data breaches or other cybercrimes are always welcome on the dark web. They’re typically for sale, but often offered for free, and anyone interested in using them has a digital buffet of login data at their disposal. Arctic Wolf’s report, “2020 Security Operations,” sheds light on account takeovers and how easily they can be launched.
