31 Jan 2013
DocuSign customer info found in Google searches
DocuSign is the exclusive provider for the electronic signature PKI for LinkedIn, Amaerican Airlines, Sony, and even the 1M+ member National Association of Realtors. The DocuSign customer names, emails, document names, and GPS coordinates of where documents were signed were found available despite DocuSign’s claim that login credentials are first required. Document names and their customer email addresses alone could be enough for a loss of confidential business. One question still being asked: Why weren’t all users of these DocuSign client companies informed of the risk (regardless of the window of opportunity after detection?) ]]>