The Dropbox storage service confirmed that it suffered a security breach in mid-October, all due to a phishing attack that targeted one of its employees. Thanks to these credentials, the attackers had access to the GitHub repositories and stole several pieces of information. Find out the details in the following lines.
The attack on Dropbox happened because of a classic move
According to the company itself, the attacker managed to access a code that contained: “… some credentials, especially API keys, used by Dropbox developers.” They were very emphatic in saying that the studies showed no access to customer information, passwords, or payment data.
GitHub reported that the unusual activity began on October 13. Someone posed as an employee with the credentials to use the CircleCI account, thus accessing GitHub accounts and stealing information that contained thousands of names and email addresses of employees, as well as current and past customers, sales leads, and vendors.
Dropbox uses GitHub to store both public and private repositories, while CircleCI is used for internal company issues. They also ensured that they take internal and customer security very seriously. So they quickly notified those affected by the incident.
It should be noted that, among the stolen information, there is nothing about Dropbox’s main applications nor its infrastructure. The access to these repositories is even more limited, and very strictly controlled.
With this incident, Dropbox announced that it is working on ways to have extra security, one of which is to adopt WebAuth as the definitive solution, and the crown of two-step authentication. Now, we just have to wait to see what Dropbox will show in its next updates.
Keep in touch with our blog to read the latest news and innovations in the cybersecurity world.
Facebook: Eagle Tech Corp
LinkedIn: Eagle Tech
YouTube: Eagle Tech Corp