Tag: eSignature service

DropBox says hackers stole customer data and auth secrets from eSignature service
News

DropBox says hackers stole customer data and auth secrets from eSignature service

The cloud storage company DropBox claims that customer data, hashed passwords, MFA keys, and authentication tokens were obtained by hackers who broke into the production servers for its DropBox Sign eSignature platform. Customers can send documents online to DropBox Sign (previously HelloSign), an eSignature platform, to obtain legally binding signatures. According to the firm, on April 24, they discovered unapproved access to DropBox Sign's production systems and opened an inquiry. According to the findings of this research, a Dropbox Sign automatic system setup tool that is a component of the platform's backend services was compromised by the threat actors. The threat actor was able to access the customer database by using this configuration tool to run programs and automate...