DocuSign, a major provider of electronic signature technology used by many financial institutions including White River Credit Union, recently reported a series of malware phishing attacks.
Rest assured that DocuSign itself was not breached. It appears that a malicious 3rd party was able to gain access to a non-core system that houses email addresses to communicate service related announcements to users via email (New Release Information, Press Releases, Announcements on Service Schedules, etc.) These email addresses are limited to actual DocuSign account holders – those who signed a document without a DocuSign account were not among the list of email addresses that were accessed maliciously. No other information was captured, just email addresses. That said, we would still encourage you to utilize the existing materials on the DocuSign Trust Center to help you avoid being the victim of phishing.
Please remember you will never receive a document via DocuSign from White River Credit Union without previously knowing you will be receiving it. If you do receive something unexpected DO NOT click the links.
Please contact us if you have questions or concerns.