"Our investigation has found that the code accessed by this threat actor contained some credentials, primarily API keys, used by Dropbox developers.
Importantly, it is confirmed that at no time did the threat actor have access to anyone’s Dropbox account, passwords or payment information. Access to those repositories is even more limited and strictly controlled." Importantly, they did not include code for our core apps or infrastructure. So, what did the threat actor get access to? The Dropbox security team says that "these repositories included our own copies of third-party libraries slightly modified for use by Dropbox, internal prototypes, and some tools and configuration files used by the security team.
0 kommentar(er)
