Data breach at DocuSign leads to massive phishing campaign

E-signature and security firm DocuSign has confirmed a data breach in which attackers gained access to a database containing customer emails. The company says that no other data was revealed in the security breach, but it led to a large phishing campaign. Attackers used the stolen email addresses to spam people with emails containing an infected Microsoft Word document. The company insists that its core service remains secure, but coming in the wake of the WannaCry ransomware attack, people around the world are on high alert. The phishing campaign uses DocuSign branding to fool recipients into opening a malicious attachment… [Continue Reading]