Dropbox Discloses Breach of Digital Signature Service Affecting All Users

02-May-24

Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat actors, who accessed emails, usernames, and general account settings associated with all users of the digital signature product.The company, in a filing with the U.S. Securities and Exchange Commission (SEC), said it became aware of the “unauthorized access” on April 24, 2024. Dropbox announced its plans to acquire HelloSign in January 2019.“The threat actor had accessed data related to all users of Dropbox Sign, such as emails and usernames, in addition to general account settings,” it said in the Form 8-K filing.

Read More…