Dropbox Hacked - Phishers Access Internal Resources

Filip TRUȚĂ

November 02, 2022

Phishers have broken into the infrastructure of cloud storage provider Dropbox and accessed internal GitHub code repositories, Dropbox has revealed in a notice.

In September, GitHub warned its users that an unknown threat actor was impersonating CircleCI, the continuous integration and delivery platform. Dropbox employees use their GitHub credentials to log into CircleCI as well, which is what made the lure plausible.

On Oct. 14, GitHub alerted Dropbox to suspicious activity on one of its accounts. The lure was similar to, if not the same as, the one GitHub had warned about in September, and by the time the alert arrived the attacker was already in.

“Upon further investigation, we found that a threat actor—also pretending to be CircleCI—accessed one of our GitHub accounts, too,” Dropbox disclosed.

‘A few thousand’ potentially compromised

The code the attacker accessed contained credentials used by Dropbox developers, as well as “a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors.”

The company notes it has more than 700 million registered users, seemingly to put the figure in perspective. But ‘a few thousand’ is not a small number for the people on that list, especially since a validated name-and-email pairing tied to a known vendor relationship is exactly what a follow-on phishing campaign needs.

Customer Dropbox contents safe

It also clarifies that, “at no point did this threat actor have access to the contents of anyone’s Dropbox account, their password, or their payment information” - at least to the company’s knowledge at this stage of the investigation.

“We take our commitment to protecting the privacy of our customers, partners, and employees seriously, and while we believe any risk to them is minimal, we have notified those affected,” Dropbox says.

Dropbox to harden security defenses

Dropbox revoked the threat actor’s access to GitHub on the day it learned of the suspicious activity. Its security teams quickly started to rotate all exposed developer credentials and began an investigation to determine what customer data—if any—was accessed or stolen. After reviewing its logs, Dropbox found no evidence of successful abuse.

The company has hired outside forensic experts to verify its findings and is hardening its defenses by accelerating adoption of WebAuthn. The relevant property is that a WebAuthn credential is bound to the web origin that registered it, and the authenticator signs over that origin, so a lookalike login page cannot obtain a usable assertion the way a fake CircleCI page can harvest a typed password.
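To make that origin binding concrete, here is an added example (not Dropbox's, GitHub's or CircleCI's code) of the checks a relying party performs on the clientDataJSON and authenticatorData that a WebAuthn authenticator signs over, before it even verifies the signature. The origin, RP ID, challenge bytes and lookalike domain are constructed for the demo; the browser, not the user, fills in `origin`, which is why an assertion produced on a phishing page fails the check even when the user was fooled.

```python
import base64
import hashlib
import json
import secrets

# Added example, not Dropbox's, GitHub's or CircleCI's code. The relying-party
# origin and RP ID below are constructed placeholders.
EXPECTED_ORIGIN = "https://github.example"
RP_ID = "github.example"


def b64url_decode(s: str) -> bytes:
    """Decode base64url without padding, as WebAuthn clients emit it."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def b64url_encode(b: bytes) -> str:
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()


def rp_id_hash(rp_id: str) -> bytes:
    """SHA-256 of the RP ID; the first 32 bytes of authenticatorData must equal it."""
    return hashlib.sha256(rp_id.encode()).digest()


def verify_client_data(client_data_json: bytes, expected_challenge: bytes,
                       expected_type: str = "webauthn.get") -> tuple:
    """Return (ok, reason) after checking type, challenge and origin.

    These checks come before signature verification in the WebAuthn
    assertion ceremony. Because the browser sets `origin` from the page
    the user is actually on, an assertion produced on a lookalike domain
    carries that domain and is rejected here, even if the user was tricked.
    """
    try:
        data = json.loads(client_data_json)
    except ValueError:
        return False, "clientDataJSON is not valid JSON"
    if data.get("type") != expected_type:
        return False, "unexpected type %r" % (data.get("type"),)
    try:
        challenge = b64url_decode(data.get("challenge", ""))
    except (ValueError, TypeError):
        return False, "challenge is not base64url"
    # Constant-time compare; a stale or foreign challenge means replay.
    if not secrets.compare_digest(challenge, expected_challenge):
        return False, "challenge mismatch"
    if data.get("origin") != EXPECTED_ORIGIN:
        return False, "origin %r is not %r" % (data.get("origin"), EXPECTED_ORIGIN)
    return True, "ok"


def authenticator_data_is_for_rp(authenticator_data: bytes) -> bool:
    """Check the rpIdHash prefix of authenticatorData against our RP ID.

    Minimum length is 37 bytes: 32 rpIdHash + 1 flags + 4 signature counter.
    A credential scoped to another domain fails here regardless of the rest.
    """
    return len(authenticator_data) >= 37 and authenticator_data[:32] == rp_id_hash(RP_ID)


def make_client_data(origin: str, challenge: bytes, typ: str = "webauthn.get") -> bytes:
    """Constructed stand-in for the clientDataJSON a browser would build."""
    return json.dumps({"type": typ, "challenge": b64url_encode(challenge),
                       "origin": origin, "crossOrigin": False}).encode()


if __name__ == "__main__":
    challenge = secrets.token_bytes(32)
    # Genuine site: passes.
    print(verify_client_data(make_client_data(EXPECTED_ORIGIN, challenge), challenge))
    # Lookalike phishing domain: the browser wrote its real origin, so it fails.
    print(verify_client_data(make_client_data("https://circleci-login.example", challenge), challenge))
```

The point of the demo is the order of checks: type, fresh challenge, origin and RP ID hash are all validated from data the client and authenticator produced, not from anything the user typed, so there is nothing for a phishing page to relay.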

Finally, Dropbox has reported the event to regulators and law enforcement.

Users who notice suspicious behavior on their account are instructed to report the activity at dropbox.com/report_abuse.

Bitdefender Digital Identity Protection offers continuous monitoring of your online accounts and fires out an instant alert when your personal information is at risk, complete with instructions on how to address the issue.
