Dropbox Sign Hit by Security Breach: Customer Data Exposed

May 3, 2024
Dropbox Sign Hit by Security Breach: Customer Data Exposed
  • On April 24, 2024, Dropbox Sign, a digital signature service, was compromised, exposing customer data such as emails, usernames, and security credentials.

  • The breach, stemming from unauthorized access to Dropbox's production environment, led to the control of a service account by attackers.

  • Affected data did not include account contents or payment information, but the extent of the breach impacted third parties who interacted with Dropbox Sign.

  • Dropbox is actively responding by advising password resets, vigilance against phishing, and for API customers, rotation and deletion of keys.

  • The company is also collaborating with law enforcement and regulatory bodies while directly contacting affected users to guide them through protecting their data.

  • Industry experts highlight the risks of identity theft and fraud post-breach and recommend proactive measures such as using a password manager and updating reused passwords.

Summary based on 10 sources

Get a daily email with more Tech stories

More Stories