No other customer data was accessed in the breach

May 16, 2017 07:40 GMT

DocuSign, the company behind eSignature, one of the most popular digital signature services in the world, admitted that it suffered a data breach that exposed customer email addresses. These addresses were later used in a phishing campaign that kicked off last week.

"Last week and again this morning, DocuSign detected an increase in phishing emails sent to some of our customers and users – and we posted alerts here on the DocuSign Trust Site and in social media. The emails “spoofed” the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, installs malicious software. As part of our process in response to phishing incidents, we confirmed that DocuSign’s core eSignature service, envelopes and customer documents remain secure," the company notes in the alert it issued earlier.

According to DocuSign, a malicious party had gained temporary access to a separate, non-core system that allows the communication of service-related announcements to users via email. Thankfully, during the data breach, only email addresses were accessed. This means that people's names, physical addresses, passwords, social security numbers, credit card data and any other account-related data are safe and have not been accessed. Nor has any content or any customer document sent through DocuSign's eSignature system.

The company took action to block the unauthorized access to the system and put further security controls in place.

Beware of phishing mails

Sadly, people are still being targeted by phishing emails. Therefore, the company is asking customers to delete any emails with the subject line "Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature", as they are not from DocuSign. Instead, they contain a link to malware spam.

Any other suspicious emails related to DocuSign are to be forwarded to [email protected] and deleted from the computer immediately thereafter.

The company also advises users to have their anti-virus software enabled and up to date to block any possible infections.