Black Basta Ransomware: A New Social Engineering Threat
The Black Basta ransomware group has recently launched an aggressive social engineering campaign targeting businesses. Originating from the remnants of the disbanded Conti group, Black…
Dropbox Sign Breach Exposes Customer Data
Cloud storage giant Dropbox has recently disclosed a data breach affecting its eSignature service, Dropbox Sign (formerly HelloSign). The incident highlights the ongoing risks businesses and individuals face from cyber attacks, and the importance of proactive security measures.
How the Breach Happened
Threat actors gained access to a Dropbox Sign system configuration tool, which had elevated privileges within the platform. This allowed the attacker to access a customer database, exposing data including:
- Email addresses
- Usernames
- Phone numbers
- Hashed passwords
- Account settings
- Authentication information (API keys, OAuth tokens, multi-factor methods)
Crucially, Dropbox reports no evidence that customer documents or agreements were compromised. This breach emphasises how even service accounts (not directly associated with customers) can be targeted for valuable data exposure.
Impact and Response
Dropbox has addressed the situation by taking the following actions:
- Resetting all affected user passwords
- Logging out users from connected devices
- Coordinating the rotation of authentication tokens
- Working with law enforcement and data protection regulators
Customers impacted by the breach are being individually notified.
Protecting Yourself and Your Business
While Dropbox has taken responsibility and is mitigating the situation, this breach underscores several preventative measures everyone can take:
- Strong, Unique Passwords: Avoid reusing passwords across different services. A hacked service could expose credentials for others. Consider using a password manager to help keep track.
- Multi-Factor Authentication (MFA): Enable this when possible, as it requires an additional element (e.g., a code generated on an authorised app) when logging in, making account takeover harder.
- Be Vigilant: Be sceptical of unexpected emails or requests for password changes, even if they appear to be from a legitimate service. When in doubt, navigate to the website directly rather than clicking links.
- Regular Software Updates: Update your operating system, apps, and security software promptly to address identified vulnerabilities.
- For Businesses: Conduct regular security audits and employee training. Restrict privileges for accounts to only necessary functions.
Staying Secure in the Digital Age
Cyber security threats are constantly evolving. Staying informed and practicing good digital hygiene are essential to minimise your risk of falling victim to future attacks.
Additional Resources:
Further information available at:
- Cyber Fraud Centre – Scotland: https://www.cyberfraudcentrescotland.com
- UK’s National Cyber Security Centre: https://www.ncsc.gov.uk/
- CyberScotland: https://www.cyberscotland.com
Related articles
New Chrome Zero-Day Vulnerability CVE-2024-4761: What You Need to Know and How to Stay Safe
Overview Google has released an emergency update to address a new zero-day vulnerability in its Chrome browser. This high-severity flaw, identified as CVE-2024-4761, is actively…
Microsoft’s May Patch Tuesday: Qakbot Zero-Day Demands Urgent Action, But Don’t Overlook Other Critical Fixes
Microsoft’s latest security update cycle, known as Patch Tuesday, arrived in May 2024 with fixes for 61 vulnerabilities. Among these, the exploitation of the zero-day…