The file hosting giant said it learned about the breach on October 14, after being alerted by GitHub. A few weeks earlier, GitHub had warned that some of its users had been targeted in a phishing campaign impersonating the continuous integration and continuous delivery platform CircleCI in an effort to obtain credentials and two-factor authentication codes.
Dropbox was targeted in a similar attack, with hackers sending phishing emails to multiple employees, directing them to fake CircleCI websites set up to harvest their credentials and one-time passwords for multi-factor authentication (MFA).