A number of DocuSign and LogMeIn customers are complaining that email accounts which they’ve been using exclusively for these services are being spammed with malware-laden messages. The incident is similar to the recent Dropbox breach.
Brian Krebs reports that both DocuSign, which offers electronic signatures, and LogMeIn, a remote PC administration services provider, are investigating the claims, but so far neither has found any traces of a breach.
LogMeIn representatives argue that the email addresses might have been targeted by the spammers because many of them contain variations of “LogMeIn” in their names.
“Many (nearly 30%) of the reports – and this includes all reports, not just the handful of people reporting the unique email claim – included variations of LogMeIn in the name, e.g. email@example.com, LMI@acme.com, firstname.lastname@example.org,” LogMeIn spokesman Craig VerColen told Krebs.
“The majority of the others used either common prefixes, e.g. email@example.com, firstname.lastname@example.org, email@example.com, or common first names, e.g. firstname.lastname@example.org. While this is not the case with all of the email addresses, the commonality would seem to suggest a pattern.”
For its part, DocuSign has released a statement in which it advises customers to be on the lookout for malware-containing notifications.
In the meantime, some of the companies' customers insist that the spammers could have obtained their email addresses only if the companies had been hacked.