DocuSign confirmed on Tuesday that a malicious third party had gained temporary access to a separate, non-core system to steal possibly more than 100 million email addresses.

According to an article in Forbes by Lee Matthews, in an update on its website, DocuSign reported an uptick in targeted spam campaigns abusing the company's branding, launching an investigation.

The company found hackers gained temporary access to a separate, non-core system that allows it to communicate service-related announcements to users via email.

However, DocuSign confirmed that DocuSign’s core eSignature service, envelopes and customer documents remain secure.

DocuSign stated in its update that only email addresses were accessed; no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed. No content or any customer documents sent through DocuSign’s eSignature system was accessed.

DocuSign digitizes the signature process and is commonly used in the mortgage finance process. It also gives special pricing for members of the National Association of Realtors and California mortgage professionals.

The attack even reached as far as HousingWire, with this reporter noticing a suspicious email branded by DocuSign on Tuesday, asking for special attention on a construction project. That email was promptly deleted.

DocuSign stated it took “immediate action to prohibit unauthorized access to this system, we have put further security controls in place, and are working with law enforcement agencies.”

It also emphasized that out of an abundance of caution as a trusted brand and to protect people from any further phishing attacks against their email, they’re alerting people and recommend taking the following steps to ensure the security of their email and systems:

  • Delete any emails with the subject line, “Completed: [domain name]  – Wire transfer for recipient-name Document Ready for Signature” and “Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature”. These emails are not from DocuSign. They were sent by a malicious third party and contain a link to malware spam.
  • Forward any suspicious emails related to DocuSign to spam@docusign.com, and then delete them from your computer. They may appear suspicious because you don’t recognize the sender, weren’t expecting a document to sign, contain misspellings (like “docusgn.com” without an ‘i’ or @docus.com), contain an attachment, or direct you to a link that starts with anything other than https://www.docusign.com or https://www.docusign.net.
  • Ensure your anti-virus software is enabled and up to date.
  • Review our whitepaper on phishing available at https://trust.docusign.com/static/downloads/Combating_Phishing_WP_05082017.pdf 

This, unfortunately, isn’t the first time the industry has dealt with a massive hacker attack. Late last year, hacked email and password data for more than 68 million Dropbox users was up for sale in the darknet marketplace. 

About the Author

Most Popular Articles

Traders now see Fed cut next week as a near-certainty

Futures traders now see a rate-cut as the near-certain outcome of next week’s Federal Reserve meeting as a stagnant manufacturing sector weighs on the economy. “The U.S. economy confronts some evident risks in this the 11th year of economic expansion,” Fed Vice Chairman Richard Clarida said in a speech on Friday.

Oct 21, 2019 By

Latest Articles

FHFA: U.S. home prices climb 4.6% from last September

Home prices increased in September, rising only 0.2% from the previous month but up 4.6% from 2018, according to the latest monthly House Price Index.

Oct 23, 2019 By