Dropbox confirms serious security breach in which hackers stole code from 130 GitHub repositories

Dropbox has revealed details of a phishing attack to which it fell victim. In the attack, a threat actor was able to steal code from the company after gathering employee credentials to GitHub repositories. The security breach took place in the middle of last month, with GitHub notifying Dropbox of suspicious account activity on October 14. The cloud storage company says that the code that was accessed 'contained some credentials -- primarily, API keys -- used by Dropbox developers' but insists that 'no one's content, passwords, or payment information was accessed', and that its core apps and infrastructure were unaffected.… [Continue Reading]