Dropbox has revealed details of a phishing attack to which it fell victim. In the attack, a threat actor was able to steal code from the company after obtaining employees' credentials for GitHub repositories.

The security breach took place in the middle of last month, with GitHub notifying Dropbox of suspicious account activity on October 14. The cloud storage company says that the code that was accessed "contained some credentials -- primarily, API keys -- used by Dropbox developers" but insists that "no one's content, passwords, or payment information was accessed", and that its core apps and infrastructure were unaffected.

In a blog post that goes into some detail about the incident, Dropbox says: "In today's evolving threat landscape, people are inundated with messages and notifications, making phishing lures hard to detect. Threat actors have moved beyond simply harvesting usernames and passwords, to harvesting multi-factor authentication codes as well. In September, GitHub detailed one such phishing campaign, in which a threat actor accessed GitHub accounts by impersonating the code integration and delivery platform CircleCI. We recently learned that Dropbox was targeted by a similar campaign.