Dropbox suffers data loss after 130 GitHub repositories compromised
As the news of approx. 130 Source Code of Github repos being compromised is circulating widely, Dropbox has confirmed that it became a victim of phishing attack. The hackers stole employees’ credentials and used it to gain access to one of the Github accounts. After gaining access, hacker was able to steal 130 code repositories.
Dropbox has been one of the major cloud storage providers widely used by multiple organization as well as individuals. Dropbox creates a specific folder on the user’s computer and keeps all the files at a central place. The content of these drop directory gets synchronized to Dropbox servers including other devices (such as mobile, tab, desktop and laptops etc.) where the user has installed Dropbox, keeping the files up to date on all devices. Dropbox offers Desktop applications for Microsoft Windows, Mac macOS, and Linux PCs, and mobile based applications for iOS and androids based operating systems.
Github notified the company of the breach on October 14 when they noticed suspicious activity. After primary investigation, Dropbox confirmed that the accessed codes contained primarily API keys that are used by Dropbox developers. The stolen data also includes details of Dropbox employee, their email addresses, customers records, vendor information and sales leads.
This breach resulted from a phishing attack that initially targeted many Dropbox users using emails impersonating the CircleCI and redirecting them to a custom phishing landing page. On the landing page, users were directed to provide their Github username and password. On the same page, users were asked to “use their hardware authentication key to pass a One Time Password (OTP) so that authentication key can be sniffed.
Post this breach, hackers successfully gained access to the Source code repositories and stole 130 code repositories. Fortunately, the stolen source codes didn’t contain core apps code as the access to such repositories is restricted and secured.