The popular electronic signature site DocuSign has reported an overnight hack. The company told press this morning that email addresses were obtained during the hack.
Company representatives also note that no other information was obtained during the hack. DocuSign is used by many large companies including some of the world’s major banks.
A Pointed Hack Attack
DocuSign has around 200 million users. Some of those users are twelve of the top fifteen US banks. DocuSign’s technology allows users to legally sign documents electronically, which is an important service that some banks offer clients. Hackers were able to tap into the DocuSign database and steal user emails.
The company made special note that names, addresses, social security numbers, and banking details were not stolen or viewed in any manner during the attack. This morning, however, users of the DocuSign service are not feeling at ease. The company has also noted that it is tracking the malicious emails and working with law enforcement agencies to reveal the people behind the hack.
Security Concerns Raised
This past week has been hectic in the world of cybersecurity. This past week saw more than 45,000 cyberattacks in 99 countries all linked to ransomware that might have been related to the theft of cyber weapons stolen from the NSA. The attacks have crippled hospitals and other establishments in England and elsewhere in the world.
The attacks spread throughout the world including to the US. Europe and Russia were the hardest hit. Ransomware is a type of malware that attacks users (this attack was not particularly targeted but mostly widespread) and then demands ransom in order to access systems again. Allegations this morning have linked the attacks to North Korea, though this has yet to be confirmed.
The DocuSign Connection
DocuSign has not noted that the recent company attacks were in any way related to the ransomware attacks. However, given that the ransomware attacks happened last week - and the DocuSign attacks followed -- many are wary about online safety at the time being. The Ransomware attacks demanded that victims pay $300 in Bitcoin currency. Attackers noted that price would rise if it was not paid in a timely manner.
Last year, a hospital in England paid thousands of dollars in Bitcoins during a similar ransomware attack. So far, the current hackers have obtained a lot of money during this attack. DocuSign’s recent attack has no connection to last week’s widespread ransomware attacks. Still, people are worried.
To stay on top of the DocuSign attack, you can visit the company’s website. DocuSign has noted, again, that the company is working on finding the source for the attacks and that users should not panic. If you do find yourself faced with ransomware, it’s best not to negotiate -- there’s no guarantee that your files will be released if you do pay the amount hackers are seeking. What is guaranteed is that you will be out $300 in Bitcoins.
The attacks continue from last week with many companies (Microsoft and Google included) working on finding the source of the attacks. So far, nothing has been noted concretely and all is speculative.