Dropbox revealed a phishing attack incident that resulted in attackers gaining access to 130 private repositories on GitHub.
These repositories contained Dropbox-modified offshoots of existing open source libraries, some internal prototypes, as well as utilities and configuration files of the team responsible for security.
At the same time, repositories with code for the underlying applications and key infrastructure elements, which were developed separately, were unaffected by the attack. It also did not leak the user base or compromise the infrastructure.