May 18, 2017

Last week, IIABA partner service DocuSign detected an increase in phishing emails sent to some customers and users. The emails "spoofed" the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when opened, installs malicious software.

A complete forensic analysis confirmed that only a list of email addresses was accessed—no names, physical addresses, passwords, social security numbers, credit card data or other information. No content or any customer documents sent through DocuSign's e-signature system were accessed; DocuSign's core e-signature service, envelopes and customer documents and data remain secure.

As DocuSign continues to assess the depth of the breach, you can visit the DocuSign Trust Center for more information, including updates as DocuSign finds out more. Big I Advantage® is having ongoing discussions with our contacts at DocuSign regarding how this attack may have affected our state association staff and member accounts, and will relay any information we receive once it is available.

DocuSign encourages all involved to utilize the existing materials in the Trust Center to help your employees, customers or customers' customers protect themselves from phishing attacks. 

Email DocuSign or call 800-379-9973 with any additional questions.

IIABA partner DocuSign was recently target of a phishing attack. After a complete forensic analysis, DocuSign is confident that no content or customer documents were accessed and that DocuSign's e-signature service, envelopes and customer documents and data remain secure.

Photo credit:  © Amy Walters | Dreamstime.com - Computer phishing and identity theft concept