DocuSign detected an increase in phishing emails sent to some customers and users. The emails "spoofed" the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when opened, installs malicious software. A complete forensic analysis confirmed that only a list of email addresses was accessed—no names, physical addresses, passwords, social security numbers, credit card data or other information. No content or any customer documents sent through DocuSign's e-signature system were accessed and DocuSign's core e-signature service, envelopes and customer documents and data remain secure. If you are a DocuSign user, you can monitor the situation using the link provided.