Docsketch document signing service is hacked; customer documents are leaked

Docsketch, an electronic documentation signing service, has begun notifying its users of a data breach incident that occurred a few months ago. In the message, the company mentions that an unauthorized third party managed to access a security backup of its database sometime in August 2020.

The database presented contained a sample of the Docsketch service dated 9 July 2020. In the statement, the company reveals that “the database contained contact information and form fields related to documents filled out by users and their contacts”. The message was signed by Ruben Gamez, founder of Docsketch.

The employer submits that threat actors failed to access documents in strict sense, although he points out that they were able to access user information recorded in his documents. Among the information presented are also details such as login data and user contacts. 

Although some user passwords were also compromised, the company mentions that this data was hashed, so threat actors would not be able to use it to access customers’ accounts. Gamez did not add further details about the incident or the security measures implemented to mitigate the attack.

Most of the affected users have already been notified. In the event that your personal or financial information may have been compromised, the company will provide users with appropriate security mechanisms to prevent bank fraud, identity theft, among other crimes. Gamez concluded by mentioning that the company’s systems have already been updated, so the risk was completely mitigated: “We continue to correct some details, but we can assure you that our priority is to secure our infrastructure.” 

Docsketch is one of the 25,000 most popular platforms in the world, according to Alexa’s list.