Seems like they got the 2FA keys as well[0], so I'm not sure how useful this is in this context. 2FA seems it might be more useful where it's a different site and you've reused the password or had it phished, than in this case where the site is compromised.
I'm still unclear how much I'm impacted. I've used Dropbox Sign / HelloSign but always with my dropbox account. Resetting password and 2FA anyway, because why not.
I'm still unclear how much I'm impacted. I've used Dropbox Sign / HelloSign but always with my dropbox account. Resetting password and 2FA anyway, because why not.
[0]: They're asking people to reset the 2FA.