Dropbox Discloses Breach of Digital Signature Service Affecting All Users

Cloud storage provider Dropbox disclosed a breach of Dropbox Sign that allowed unidentified threat actors to access emails, usernames, account settings, and in some cases, phone numbers, hashed passwords, & authentication information. Though the contents of users’ accounts & payment info reportedly remained secure, the breach also affected third parties who received or signed a document through Dropbox Sign. An ongoing investigation is being conducted alongside law enforcement and regulatory authorities.