Box Sync for Mac Update



Get Training

On January 12, a security researcher notified us of an issue in Box Sync where internal credentials were exposed that would have granted access to our public software publishing process. It's important to note that these credentials are not related to the security of customer data, and at no time was customer data at risk. We remediated the issue within 24 hours by deactivating the credentials, and in addition, we examined our logs and verified there was no unauthorized use of these credentials. We also issued an update to Box Sync to completely remove any such credentials in order to reduce confusion, although it is not essential that users upgrade.

Was this article helpful?
0 out of 1 found this helpful