A database of customer emails owned by DocuSign, a popular digital signature service, was compromised, resulting in a phishing campaign that spreads malware.
On Tuesday, the company, which owns eSignature, confirmed that its email list had been stolen, according to a blog post detailing the incident.
DocuSign began tracking a phishing campaign on May 9 that leveraged the emails in the database. The phony messages were intended to trick recipients into opening Word document attachments that contained malware. Each was designed to look like they were sent by DocuSign, and included subject lines such as “Completed: docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature”.
Although eSignature service, envelopes and customer documents were not impacted by the breach, the company confirmed that “a malicious third party had gained temporary access to a separate, non-core communication system used for service-related announcements that contained a list of email addresses.”