DocuSign , a major provider of electronic signature technology , acknowledged today that a series of recent malware phishing attacks Attack.Phishing targeting its customers and users was the result of a data breach Attack.Databreach at one of its computer systems . The company stresses that the data stolen Attack.Databreach was limited to customer and user email addresses , but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign . San Francisco-based DocuSign warned on May 9 that it was tracking Attack.Phishing a malicious email campaign where the subject line reads , “ Completed : docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature. ” The missives contained a link to a downloadable Microsoft Word document that harbored malware . The company said at the time that the messages were not associated with DocuSign , and that they were sent from Attack.Phishing a malicious third-party using DocuSign branding in the headers and body of the email . But in an update late Monday , DocuSign confirmed that this malicious third party was able to send Attack.Phishing the messages to customers and users because it had broken in and stolen Attack.Databreach DocuSign ’ s list of customers and users . “ As part of our ongoing investigation , today we confirmed that a malicious third party had gained temporary access Attack.Databreach to a separate , non-core system that allows us to communicate service-related announcements to users via email , ” DocuSign wrote in an alert posted to its site . “ A complete forensic analysis has confirmed that only email addresses were accessed Attack.Databreach ; no names , physical addresses , passwords , social security numbers , credit card data or other information was accessed Attack.Databreach . No content or any customer documents sent through DocuSign ’ s eSignature system was accessed Attack.Databreach ; and DocuSign ’ s core eSignature service , envelopes and customer documents and data remain secure. ” The company is asking people to forward any suspicious emails related to DocuSign to spam @ docusign.com , and then to delete the missives . “ They may appear suspicious because you don ’ t recognize the sender , weren ’ t expecting a document to sign , contain misspellings ( like “ docusgn.com ” without an ‘ i ’ or @ docus.com ) , contain an attachment , or direct you to a link that starts with anything other than https : //www.docusign.com or https : //www.docusign.net , ” reads the advisory . If you have reason to expect a DocuSign document via email , don ’ t respond to an email that looks like Attack.Phishing it ’ s from DocuSign by clicking a link in the message . When in doubt , access your documents directly by visiting docusign.com , and entering the unique security code included at the bottom of every legitimate DocuSign email . DocuSign says it will never ask recipients to open a PDF , Office document or ZIP file in an email . DocuSign was already a perennial target for phishers and malware writers , but this incident is likely to intensify attacks against its users and customers . DocuSign says it has more than 100 million users , and it seems all but certain that the criminals who stole Attack.Databreach the company ’ s customer email list are going to be putting it to nefarious use for some time to come .