Keeping you informed.
Sandia Area has been notified that DocuSign has had a breach of their non-core system. This breach contained email addresses of some users. It has been discovered that some individuals have received malicious emails disguised as being sent by DocuSign. We want to assure you that no breach has occurred within any of the Sandia Area information systems and there has been no loss of confidential member information.
Furthermore, DocuSign is making effort to discover the origination of this scam and are confident that there has not been a breach in any of the DocuSign information systems.
Sandia Area uses DocuSign as a convenience tool for members to sign documents electronically. Please note, we will never send you anything via DocuSign without first having discussed this with you. If you receive an email from DocuSign but have not been notified by a representative at Sandia Area, do not attempt to open the email.
As always, the credit union urges all members to “know the sender” of an email prior to opening an attachment or clicking any links contained within the email. As a recipient, you can recognize safe, secure DocuSign links by hovering your mouse over them before you click on them to ensure that they start with: https://www.docusign.com or https://www.docusign.net. Any other links within emails made to look like DocuSign system emails are unsecure and unsafe. DocuSign does not include .zip attachments in emails.
Additional information and constant updates can be found at:
Security and Fraud Protection
Chances are, you did not win a million dollars in a lottery you don't recall entering. Nor do you have a bevy of "free" prizes waiting for you as a reward for being a valued customer. So, if a telemarketer calls with this kind of news and asks for your account number, other personal information or cash upfront to collect your "prize," hang up. It's a scam.