DocuSign and LogMeIn, on alert for possible security breach
LogMeIn people and DocuSign these days have been busy reviewing the safety of their services. And not because of scheduled maintenance, but investigating some reports of users who may be linked to a Security breach, which would not be at all a minor issue given the characteristics of both.
In early December, some users reported that they started receiving emails with Malware to specific addresses registered with LogMeIn and DocuSign, which was preliminarily believe that the companies may have been leaking email addresses to third parties. Even some users said that the directions that came these malicious emails had been created specifically for use with LogMeIn or DocuSign.
In LogMeIn are thoroughly reviewing the matter and the investigation is still open, although a company representative said that 30% of emails answered affected somewhat generic names, citing the examples email@example.com addresses, LMI@acme. com, firstname.lastname@example.org, therefore, in some cases it could be an unfortunate coincidence.
Meanwhile, from DocuSign also reported that work is the matter with the respective law enforcement agencies, although it could also be an unfortunate coincidence: in recent weeks, such alerts via email attacks have increased by up to 3600% by some antivirus companies.
Both firms involved now ruled by a security breach, although the total certainty when the investigation will be completed and delivered the results. And it could be that, having internal guilt gap or two companies, one never knows.
Link: LogMeIn, DocuSign Investigate Claims Breach (Krebson Security)Tags: DocuSign, E-Mail, LogMeIn, Malware, Security, security breach