Josh Gatka, Security Evangelist, Hyland
DocuSign, an electronic signature service OnBase integrates with, has disclosed that customer email addresses were acquired in a breach. Attackers are using this information to target DocuSign users in a malware phishing campaign. Phishing emails contain DocuSign branding and attempt to trick users into opening attachments (e.g., a word document) that installs malicious software.
DocuSign has asserted that only email addresses were compromised in the breach, that attackers did not gain access to eSignature services, envelopes or customer documents. According to DocuSign, customers’ names, physical addresses, passwords, social security numbers, credit card data and other information remain secure.
How Does this Breach Affect You?
This attack only affects Hyland customers using the Integration for DocuSign eSignature integration. At this time, we have no reason to believe the party involved in this breach gained access to any customer information beyond the aforementioned email addresses.
Recipients should exercise caution when reviewing DocuSign emails: Do not open emails, attachments, or links that are suspicious. The sender may manipulate its email address to resemble a legitimate DocuSign email address with subtle variations or mistakes (e.g., “docusgn.com” or “docus.com”).
For more information, reference DocuSign’s personal safeguards page below.
https://trust.docusign.com/en-us/personal-safeguards/
