"At no point did this threat actor have access to the contents of anyone's Dropbox account, their password, or their payment information.
In a post about the incident, the Dropbox Security Team said:
The phishing email was made to look like it came from CircleCI, asking recipients to accept updated Privacy Policy and Terms of Use changes so they can continue to use the company's services. When one of the employees clicked the email link, they were taken to a phishing page where they entered their GitHub username and password.Īffected employees also used their hardware authentication key to input a One-Time Password (OTP) to the malicious site. Multiple Dropbox employees were targeted by this campaign which started off as an email posing as a message from CircleCI, a code integration and delivery platform. GitHub notified Dropbox after detecting suspicious activity on October 14, a day after the activity began. Attackers took 130 code repositories using stolen credentials after gaining access to one of Dropbox's GitHub accounts. File-hosting company Dropbox revealed on Tuesday that it has suffered a phishing incident.
0 kommentar(er)
