Dropbox suffered an intrusion into its systems, exposing sensitive data such as the passwords of users of its “Dropbox Sign” option.
The online storage service Dropbox has been the victim of a cyberattack. In a statement to American authorities, published on May 1, 2024, the company reported having suffered a hack, indicating that the hackers had access to sensitive information such as passwords.
The infiltration into the network first concerns the Dropbox Sign branch, an option that allows users to digitally sign documents. The hackers gained access to information about all Dropbox Sign users, including account settings, names and email addresses. For some customers, phone numbers, hashed passwords and authentication information were also exposed. Those who received or signed a document via Dropbox Sign – but never created an account – are also affected by this cyberattack. Nearly 15 million people have signed up for Dropbox’s paid options.
Change your Dropbox passwords
The infiltration was reportedly detected on April 24. “ The actor compromised a non-human service account that was part of Sign’s infrastructure, used to run automated services “, the company said in a statement.
Dropbox will contact all affected users and is expected to take specific action. To help protect customer data, Dropbox said its security team has:
- Reset all user passwords,
- Disconnected users from all devices connected to Dropbox Sign,
- Changed all login tokens.
As a matter of principle, we recommend that you change your passwords if you have used Dropbox Sign in the past.
Do you want to know everything about the mobility of tomorrow, from electric cars to e-bikes? Subscribe now to our Watt Else newsletter!