Dropbox Sign Hit by Cyberattack: User Data Compromised
May 4, 2024![Dropbox Sign Hit by Cyberattack: User Data Compromised](https://cdn.brief.news/images/stories/7289141be0bc4c751d91e112c3bf108ecfb7e8737e0a11c3d41030b025d35a8a01890b09d5540fc09e9e98981229121d9bc77e09e6c492d79cac054018279e5f.jpg)
On May 2, 2024, Dropbox Sign, formerly HelloSign, experienced a data breach compromising user personal information.
Compromised data includes names, emails, usernames, phone numbers, and hashed passwords, along with account settings and authentication details.
Dropbox has officially reported the incident to regulators and law enforcement and is notifying and guiding affected users on enhancing security.
In response to the breach, Dropbox has reset passwords for affected accounts and is providing support for those individuals.
The breach has raised alarms about vulnerabilities in GitLab instances, leading to a high-severity account takeover threat recognized by the CISA.
Federal agencies have been directed to address this security vulnerability by May 22.
Summary based on 7 sources
Get a daily email with more Tech stories
Sources
![Dropbox Breach Exposes Customer Credentials, Authentication Data](https://cdn.brief.news/images/links/b462cdfe82e46786ec6929d87e7968b627fee2312ac010493fab6616b1c89adbc1e46818e0b36d6ff6fc79dc3058772ebb94cba52c32b14cf4186074d269c8e2.jpg)
Dark Reading • May 2, 2024
Dropbox Breach Exposes Customer Credentials, Authentication Data![Dropbox Sign customer data accessed in breach | Malwarebytes](https://cdn.brief.news/images/links/43649dcfc6c5e06d96facb2fe924176cee9a1da4da4deda71041e656b988117a84a0c468a451c39e33b5381ca2ae4965aee159eab8bfe320a8291e6adce6889e.png)
Malwarebytes • May 2, 2024
Dropbox Sign customer data accessed in breach | Malwarebytes![Attackers steal API keys, OAuth tokens, in Dropbox Sign breach](https://cdn.brief.news/images/links/7289141be0bc4c751d91e112c3bf108ecfb7e8737e0a11c3d41030b025d35a8a01890b09d5540fc09e9e98981229121d9bc77e09e6c492d79cac054018279e5f.jpg)
SC Media • May 2, 2024
Attackers steal API keys, OAuth tokens, in Dropbox Sign breach![Dropbox Sign breach impacts customer data](https://cdn.brief.news/images/links/16f0555ffde38f92eb607ad32645406b65450d3c4ead45edeb7fbe2f1e26dc1d08dd69e500f6ef4a753f0c7b495463659c0712179d84902c543cb9677c8bd754.jpg)
SC Media • May 2, 2024
Dropbox Sign breach impacts customer data