It traces back to a Microsoft Word document.
Electronic signature service DocuSign said on Tuesday hackers had temporarily gained access to a database containing customer emails, which the company linked to a surge in phishing emails sent to its users.
DocuSign’s service is widely used by big bank and insurers for keeping track of financial transactions, with 12 of the top 15 U.S. financial services companies using the company’s software.
The privately held company, valued at about $3 billion, makes software to add legally compliant electronic signatures to documents.
DocuSign said only email addresses were accessed. Names, physical addresses, passwords, social security numbers, or credit card data were not accessed, the company said on its website.
San Francisco-based DocuSign said earlier this month that it was tracking the malicious e-mail campaign.
DocuSign has about 200 million users and has been embraced as a quick and secure way to sign contracts and other official documents using a finger on a mobile device.