Dropbox Sign, a service for electronic signatures, had its production environment breached by threat actors who gained access to customer information, email addresses, hashed passwords, account settings, and authentication details like API keys and OAuth tokens. Following the breach detection on April 24th, Dropbox initiated an investigation and notified data protection regulators and law enforcement. The attackers utilized a compromised service account to access the customer database, impacting users who registered accounts and those who used the service without registering.

Threat actors hacked the Dropbox Sign production environment

The company's response included resetting passwords, logging users out, rotating API keys and OAuth tokens, and advising users to change shared passwords and enable multi-factor authentication.
https://securityaffairs.com/162654/hacking/dropbox-sign-production-environment-hacked.html