logo
about-img
 

News & Security Alerts

Important Information Regarding DocuSign Phishing Scam

May 26, 2017, 09:27 AM by User Not Found

DocuSign, a leading provider for electronic signature services, recently experienced a breach of one of their non-core systems that contains the e-mail addresses of their account holders.  We are making you aware of this incident because HAPO periodically uses their services to deliver documents requiring signatures.   

This event is in no way related to HAPO Community Credit Union or its systems.

Here are some things you should know as reported to us by DocuSign:

  • A malicious third party gained unauthorized access to a non-core system belonging to DocuSign.
  • DocuSign had forensic analysis performed and it confirmed that only e-mail addresses were accessed; no names, physical addresses, passwords or other information was accessed.  No content or customer documents were accessed.
  • Only people who had established a DocuSign account were impacted by this incident.  Individuals who signed a document without a DocuSign account were not among the list of e-mail addresses accessed.
  • Phishing e-mails were sent to individuals using e-mail addresses obtained in the breach and contained a link to a malicious document.    

What should you do?

  • Think before you click.  If you are not expecting an e-mail with documents or you are not sure, you should contact the sender to verify it or delete the e-mail.
  • Keep your antivirus software and computer updated as patches are released.  
  • Visit the Security Awareness section of our website for more information on phishing and how you can help protect yourself online.

Additional information on this incident is located on DocuSign’s website in their Trust Center.

The security of your information is always a top priority at HAPO Community Credit Union and we will continue to monitor DocuSign’s response to this event so we may update this page with any new or additional information.