Alerts and updates

Subscribe using the DocuSign Trust Center Alerts RSS feed URL: https://www.docusign.com/trust/alerts/feed.
Add an RSS reader extension to your browser (Chrome, Firefox), or enable via Outlook on a PC.

  • DocuSign continues to track large-scale phishing campaigns with two known attack vectors. 

    One vector is through improper use of DocuSign accounts in which malicious URLs are hidden within actual DocuSign envelope documents.

    The sender email addresses associated with this activity are typically from public domains such as email[.]com, mail[.]com, workmail[.]com, linuxmail[.] or co[.]za. 

    Email subject line theme examples:

    • Bank Confirmation
    • Grant Payment
    • Payment Information
    • New Invoice
    • Shared Proposed Document from [name]
    • Proposal from [name]
    • Shared Document Online
    • Loan Confirmation

    Report improper use of DocuSign accounts directly through the envelope email notification Report Abuse link or by sending an email to securityaccountabuse@docusign.com.

     

    The second vector is through imitation of DocuSign, spoofing dse@docusign.net to trick the recipient into believing it is an email from DocuSign.

    Bad actors are reusing a valid security code in a convincing copy of DocuSign’s email notification that they then link to a phishing URL through the text link intended to review envelope documents. This activity is not coming from a DocuSign account.
    The sender email address is spoofed to imitate a DocuSign email address (dse@docusign.net). 

    Email subject line theme examples:

    • settlement agreement
    • completed
    • [name] sent you an important document
    • closing statement/wiring instructions
    • order form
    • updated contract agreement
    • completed: please docusign
    • complete: please review

    If you are unsure whether or not you received an imitation DocuSign email fitting this attack vector we recommend reviewing the activity in your DocuSign account for documents matching the email notification.
    Report imitation of DocuSign to spam@docusign.com

    For more information on how to spot phishing, please see our Combating Phishing and Protecting Your Organization Against DocuSign Brand Impersonation white papers.


     
  • The DocuSign CLM and CLM.CM August 22.6 Product Release will be deployed to the EU11, EU21 Production environments on Friday, August 5, 2022 between 1:30 PM and 5:30 PM, U.S Central Time, and to the NA11, NA21, US11, US12 Production environments between 9:00 PM and Midnight, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

  • The following changes were made to the subprocessor list for DocuSign CLM:

    • Added Microsoft Azure as a data hosting provider for new accounts provisioned in Australia and Canada and updated Germany and Netherlands locations to the EU.
    • Removed Oya as a subprocessor.

    Please contact privacy@docusign.com if you have any questions regarding this update. 

  • The DocuSign CLM and CLM.CM August 22.6 Product Release will be deployed to the UAT environment on Thursday, July 21, 2022 between 8:00 PM and 11:00 PM, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and fixes that will be posted before UAT deployment. 

    Please contact Technical Support if you have any questions.

  • On Monday, July 25 2022, @8:00 PM CST, DocuSign CLM/SpringCM will be performing a CLM public wildcard certificate renewal for springcm.com and springcm.net domains in our UAT environment.

    On Monday, August 1 2022, @8:00 PM CST, we will be performing the same exercise in our PROD environment.


    Find the *.springcm.com public certificate here.

    Find the *.springcm.net public certificate here.

  • The DocuSign CLM and CLM.CM June 22.5 Product Release will be deployed to the EU11, EU21 Production environments on Friday, June 24, 2022 between 1:30 PM and 5:30 PM, U.S Central Time, and to the NA11, NA21, US11, US12 Production environments between 9:00 PM and Midnight, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

  • [June 6, 2022, 13:50 PDT] This scheduled maintenance will be delayed. Updated information on timing will be posted in a new Trust Center Alert here.

    The DocuSign CLM Technology Team will be conducting scheduled maintenance on the following dates and times for the following environments:

    June 10, 2022 9:00pm CEST - June 11, 2022 12:00am CEST: CLM EU21 Production
     
    During this time customers on the affected instances may experience moments of brief inaccessibility to their account.

    Please contact DocuSign CLM Technical Support with any questions.

  • The DocuSign CLM and CLM.CM June 22.5 Product Release will be deployed to the UAT environment on Thursday, June 9, 2022 between 8:00 PM and 11:00 PM, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Announcements for this upcoming release can be found on the DocuSign Support Center. Please continue to check the Support Center for enhancements and fixes that will be posted before UAT deployment. 

    Please contact Technical Support if you have any questions.

  • DocuSign experienced a disruption across its North American data centers on Tuesday, May 24. Impacted customers were those relying on services provided by such data centers, including DocuSign eSignature, CLM, Rooms, Notary and related services.  While we are still investigating, we have found no evidence or indication that this service disruption was due to a cyberattack or that any data was compromised. 
  • 14:20 PDT: DocuSign is aware of an issue impacting the North America Sites, and working hard to restore the service level as soon as possible. Please visit https://status.docusign.com/ for the most up-to-date information.
  • All DocuSign services in North America have been restored following a brief disruption. Please refer to https://status.docusign.com for the status of specific DocuSign service environments. Customers reaching out to Customer Support may experience a slight delay in response times.

     

  • The DocuSign CLM and CLM.CM May 22.4 Product Release will be deployed to the EU11, EU21 Production environments on Friday, May 13, 2022 between 1:30 PM and 5:30 PM, U.S Central Time, and to the NA11, NA21, US11, US12 Production environments between 9:00 PM and Midnight, US Central Time. We do not anticipate any impact to platform availability or access during this time.

    Release Notes for this upcoming release can be found on the DocuSign Support Center.

    Please contact Technical Support if you have any questions.

Pages