• Best VPN
  • Research
  • Guides
  • News
  • VPN Reviews
    • Comparisons
  • Coupons
  • Contact
    • About us
  • EnglishEnglish
    • FrançaisFrançais
Facebook Twitter Instagram
Facebook Twitter Instagram
Your Trusted VPN Experts
  • Best VPN
  • Research
  • Guides
  • News
  • VPN Reviews
    • Comparisons
  • Coupons
  • Contact
    • About us
  • EnglishEnglish
    • FrançaisFrançais
Your Trusted VPN Experts
News

A security breach causes thousands of names and email addresses to be stolen

Dan ParkerDan Parker
Share
Facebook Twitter Pinterest Email

A breach on a Dropbox GitHub account resulted in the loss of several thousand names and email information. The hackers employed a well-known phishing method.

Dropbox and its users have received bad news: hackers obtained a few thousand names and email addresses belonging to workers, present and past customers, prospects, and suppliers.

All of this information was saved on a GitHub account that was compromised. The hackers utilised a phishing tactic and targeted multiple Dropbox workers to do this. They pretended to be the CircleCI integration and distribution platform and referred employees to a bogus website that requested their GitHub username and password.

Employees were also prompted to use their hardware authentication key to transmit a one-time password (OTP).

Phishing DropboxExample of the phishing mail © Bleeping Computer

This gave the hackers access to GitHub and allowed them to hijack 130 code repositories. Dropbox was aware of suspicious activities on October 14 when GitHub notified the firm. After further research, it was discovered that the code contained credentials such as names and email addresses, as well as API keys used by developers.

Dropbox, however, wants to be reassuring and told our colleagues at Bleeping Computer:

“It is important to note that the stolen repositories did not include code for our applications or core infrastructure. Access to these repositories is even more limited and strictly controlled.”

According to the organisation, the hackers had no access to user accounts, passwords, or payment information. However, email addresses can be exploited to launch fresh phishing attempts. Furthermore, Dropbox did not disclose whether the hackers could use the stolen API keys.

It should be recalled that GitHub was the target of a similar attack in September. The CircleCI platform was also impersonated in that assault. To continue using the service, users were required to log in to their GitHub accounts and accept new terms of service. Furthermore, the hackers used VPN and proxy services to make it more difficult to track them down.

Share. Facebook Twitter Pinterest LinkedIn Email
Previous ArticleDoes NordVPN’s CyberSec Feature Block YouTube Ads?
Next Article VPNs : what are their limitations in 2023 ?
Dan Parker

Dan is a technology reporter from San Jose, California, currently living right in the heart of Silicon Valley. Raised around tech, he's found interests in various gadgets and the companies that make them for years. When not blogging about tech, he can be found hunting for music, shredding the slopes in South Lake, or whipping up a dish for friends in the kitchen.

Related Posts

Brave Bolsters Web Browser with Enhanced Privacy Features: Firewall and VPN

A free VPN will soon be integrated into the Microsoft Edge web browser

Logless VPN: Surfshark Passes First Independent Audit

NordVPN Birthday sale is on!

NordBF banner

Latest posts
  • Brave Bolsters Web Browser with Enhanced Privacy Features: Firewall and VPN 03/23/2023
  • WireGuard VPN: everything you need to know about the fastest VPN protocol! 03/02/2023
  • A free VPN will soon be integrated into the Microsoft Edge web browser 02/23/2023
  • Why Your Business Needs A VPN Solution! 02/22/2023
  • Logless VPN: Surfshark Passes First Independent Audit 02/21/2023
Facebook Twitter Instagram Pinterest
  • About us
  • Contact
  • Privacy Policy
  • Sitemap
  • English
  • Français
© 2023 Copyright VPN Creative

Type above and press Enter to search. Press Esc to cancel.