Categories: Security

DocuSign Suffers Data Breach, Customers Targeted With Phishing Emails

Digital signature firm DocuSign has confirmed that it suffered a data breach which has resulted in many of its users being targeted by a phishing campaign.

Hackers managed to access a private database and gain access to the email addresses of DocuSign customers, which have since been used to send emails containing a malicious Word document. If opened, the attachment installs malware on the user’s device.

The company has assured users that names, physical addresses, passwords, social security numbers and credit card data were not accessed.

Data breach

The phishing emails were designed to trick users into opening the malicious attachment and were made to look like legitimate company communications.

There are two different versions in circulation, one with the subject heading “Completed: [domain name] – Wire transfer for recipient-name Document Ready for Signature” and another which reads “Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature”.

DocuSign has warned users that “these emails are not from DocuSign. They were sent by a malicious third party and contain a link to malware spam” and says recipients should forward such emails to ‘spam@docusign.com’ before deleting them completely.

In a post on its Trust Center site, DocuSign says: “Today we confirmed that a malicious third party had gained temporary access to a separate, non-core system that allows us to communicate service-related announcements to users via email. A complete forensic analysis has confirmed that only email addresses were accessed.

“We took immediate action to prohibit unauthorized access to this system, we have put further security controls in place, and are working with law enforcement agencies.”

The San Francisco-based firm recently opened a cyber security centre in Dublin to research ways to strengthen the protection of its e-signature and digital transaction management platforms but, as has become abundantly clear, no organisation is safe from cyber criminals.

The security world is still reeling from the weekend’s ‘WannaCry’ ransomware attacks which started by targeting NHS Trusts in London on Friday and quickly spread to over 100 countries around the world.

Several security researchers have since linked the outbreak to a North Korean hacking group and organisations should be braced for a second wave of attacks.

Do you know all about security in 2017? Try our quiz!

Sam Pudwell

Sam Pudwell joined Silicon UK as a reporter in December 2016. As well as being the resident Cloud aficionado, he covers areas such as cyber security, government IT and sports technology, with the aim of going to as many events as possible.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago