Reading:
DocuSign data breach puts users at risk
Share:
Sign-up to a data breach claim today - use our quick and easy form to begin your claim for thousands of pounds in compensation.
DocuSign – the company that lets users ‘sign’ documents digitally – has admitted they have been hacked.
During the data breach, hackers managed to take user email addresses, and cyber-criminals haven’t wasted any time as multiple users have already reportedly fallen victim to phishing emails.
The lack of delay means that DocuSign didn’t even have time to warn users that their information was compromised and to look out for “malicious third party” activity. Reportedly, users were enticed to click on a harmless looking Microsoft Word document, but the document contained certain malware to steal passwords and banking information.
DocuSign has spoken out about the data breach and ensured that “no names, physical addresses, passwords, social security numbers, credit card data or other information was accessed”.
“DocuSign’s core e-signature service, envelopes and customer document and data remain secure” continued the statement. Whilst it’s great news that most of the customer data was not compromised, we can’t ignore the risk users are still at even with just a stolen email address.
Phishing emails sound simple enough to avoid, but they remain a huge problem in today’s digital world. Many people often sign up to multiple newsletters and are often contacted by people we’re not completely familiar with.
Phishing emails have evolved from dodgy looking URL web links to realistic emails copying the image and names of trusted brands. A big concern is the lack of help provided for victims of phishing in many cases. If your credit card is stolen and the thief goes on a spending spree, the bank is likely to replace your card and any lost funds; but when it comes to lost funds through a phishing scam, banks may not be as sympathetic where they deem that you ‘voluntarily’ provided cyber criminals with access to your information.
DocuSign has urged users to delete any suspicious messages immediately, but for some it may be too late. After all, it’s becoming more and more difficult to distinguish a phishing email to a genuine one.
The company have been made aware that a number of the phishing emails were sent using the domain ‘docus.com’ and includes the following subject line: “Document Ready for Signature”. Busy workers may not have time to check and scrutinise every email they deal with, and one small oversight can release extremely harmful malware.
Keith Martin, a professor or Information Security at the university of London, explains that phishing is extremely common as it is easy to do and very effective in tricking recipients.
“Where it’s targeting a bank, for example, the senders are going to use headers and language that’ll make customers believe it’s their bank … it’s literally like fishing, hoping to get some bites, chucking a message out there speculatively.”
Sooner or later there will be ‘bites’ and malware will be released into the victims’ device, stealing more information.
EasyJet admits data of nine million hacked
British Airways data breach: How to claim up to £6,000 compensation
Are you owed £5,000 for the Virgin Media data breach?
Virgin Media faces £4.5 BILLION in compensation payouts
BA customers given final deadline to claim compensation for data breach
Shoppers slam Morrisons after loyalty points stolen
Half a million customers can sue BA over huge data breach
Lawyers accuse BA of 'swerving responsibility' for data breach
The biggest data breaches of 2020
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
