This attack wasn't simply a spray-and-pray phishing campaign of the kind that comes from a low-sophistication attacker. The fact that the attacker seemingly knew Dropbox used CircleCI, and was able to interact with a hardware key and pass the one-time password on to the attacker, shows a higher level of sophistication.

“This attack shows how threat actors are conducting more and more sophisticated attacks to gain access to developers tools which are known to contain sensitive information” Mackenzie Jackson - Security Advocate

We also know that a very similar attack was happening around the same time in the wider GitHub community, also faking a CircleCI email and login screen, so it is suspected but not confirmed that this was the same threat actor.

[Image: phishing email sent by the attacker]

What Data was Hacked during this Security Breach?

The full extent of the breach is unknown at this time because the source code the hacker stole has not been released and Dropbox has not confirmed what systems the API keys and other credentials could access.

Dropbox said in a statement “We believe the risk to customers is minimal. Because we take our commitment to security, privacy, and transparency seriously, we have notified those affected and are sharing more here,” and, importantly, they have also stated that “We also reviewed our logs, and found no evidence of successful abuse”.

This would indeed indicate a minimal risk to Dropbox customers, but as we have seen in many other breaches, attackers can move laterally from internal tools into core infrastructure; at this stage there is no evidence to support that this happened here.

At the same time, Dropbox did disclose that “the code and the data around it also included a few thousand names and email addresses belonging to Dropbox employees, current and past customers, sales leads, and vendors”.

While it is clearly a concern that plain-text credentials and data are in Dropbox code repositories, this is not an issue isolated to Dropbox. At the same time, we can see that Dropbox has additional security measures in place, such as hardware tokens, that would have made it very difficult for an attack to succeed. Finally, we also must consider that according to Dropbox, their logs showed no unknown access to critical systems, which shows the attack was caught in a timely manner.

We would not see this breach as a reason not to be a Dropbox user. While this does not mean that Dropbox is immune to attacks, it does show a clear trend that they take security seriously, although they do have some areas to improve on.

This is a good moment to reflect and ensure generally good security practices, such as regularly rotating passwords and setting up MFA on your Dropbox account. Also, as always, be aware of any suspicious emails and unfamiliar URLs that end up in your inbox.
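The concern raised above, that plain-text credentials and data sit in code repositories, is something a team can check for before a commit ever leaves a developer's machine. The following is an added example and is not code from the original post, from Dropbox, or from the author's organisation: a small scanner that flags credential-shaped strings (known key prefixes, secret-like assignments, private-key headers) in file contents. The regex set, the entropy threshold, the placeholder list and the sample file are all assumptions constructed for illustration; a production scanner carries a far larger, curated pattern set.

```python
"""Minimal hardcoded-credential scanner (added example, not Dropbox's or any vendor's tooling).

Scans text (for example files staged for commit) for credential-shaped strings:
known-prefix API keys, key=value assignments of secret-like names, and
high-entropy values. Patterns and thresholds are illustrative assumptions.
"""
import math
import re
from collections import Counter

# Assumed patterns: a real scanner would carry a much larger, curated set.
KNOWN_KEY_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# name = "value" where the name looks like a secret (password, secret, token, api_key ...)
ASSIGNMENT_PATTERN = re.compile(
    r"(?i)\b(?P<name>[A-Z0-9_]*(?:password|passwd|secret|token|api_?key)[A-Z0-9_]*)"
    r"\s*[=:]\s*['\"]?(?P<value>[^'\"\s]{8,})"
)

# Assumed list of values that are documentation placeholders rather than secrets.
PLACEHOLDER_VALUES = {"changeme", "password", "example", "xxxxxxxx", "<redacted>"}


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character of s; random tokens score well above plain words."""
    if not s:
        return 0.0
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_like_placeholder(value: str) -> bool:
    """Skip values that are obviously placeholders or environment-variable references."""
    v = value.lower()
    return v in PLACEHOLDER_VALUES or v.startswith("${") or v.startswith("<") or "your_" in v


def scan_text(text: str, entropy_threshold: float = 3.5) -> list:
    """Return (line_no, finding_type, snippet) tuples for credential-shaped content."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in KNOWN_KEY_PATTERNS.items():
            for m in pattern.finditer(line):
                findings.append((line_no, kind, m.group(0)))
        for m in ASSIGNMENT_PATTERN.finditer(line):
            value = m.group("value")
            if looks_like_placeholder(value):
                continue
            # Flag an assignment only when the value itself looks like a real secret:
            # either high entropy or long enough to be a generated token.
            if shannon_entropy(value) >= entropy_threshold or len(value) >= 20:
                findings.append((line_no, "secret_assignment", f"{m.group('name')}=<redacted>"))
    return findings


# Constructed sample of what a committed config file might contain. The AWS key is
# the publicly documented example key; the token is a fabricated shape, not a real credential.
SAMPLE_FILE = """\
# deploy.cfg
db_password = "changeme"
AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE
api_token: "f3k9Qz7LmP2xVb8Rt5Wn1Hs6Yj0Cd4Ea"
smtp_user = "mailer"
-----BEGIN RSA PRIVATE KEY-----
"""


def scan_sample() -> list:
    """Run the scanner over the constructed sample file."""
    return scan_text(SAMPLE_FILE)


if __name__ == "__main__":
    for line_no, kind, snippet in scan_sample():
        print(f"line {line_no}: {kind}: {snippet}")
```

Wired into a pre-commit hook, a check like this blocks the commit when `scan_text` returns anything; the placeholder and entropy filters exist so that documentation values and `${ENV_VAR}` references do not drown real findings in noise.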