Dropbox disclosed a security breach on May 2, 2024, where hackers infiltrated the eSignature service, gaining access to customer emails, usernames, phone numbers, hashed passwords, and authentication secrets. The breach raised concerns about user data security. Additionally, Dropbox fell victim to a phishing attack, exposing credentials and API keys on GitHub
The company took swift action by resetting passwords and enhancing security measures, emphasizing the importance of robust security protocols. Users were advised to enable two-factor authentication and use strong, unique passwords. This incident highlights the persistent cyberattack threat and the need for secure cloud-based services. https://be4sec.com/2024/05/04/box-opened-customer-data-compromised/