Overview

• Dropbox confirmed a breach in Dropbox Sign’s production systems, exposing emails, usernames, phone numbers, hashed passwords, and authentication data.
• The breach, detected on April 24, involved unauthorized access via a compromised service account with elevated privileges.
• No evidence suggests that documents or agreements were accessed, but exposed data increases the risk of phishing and identity theft.
• Dropbox has reset passwords, logged out users, and advised customers to rotate API keys and enable new MFA configurations.
• Security experts warn of the potential for targeted phishing attacks due to the nature of the stolen data.