Digital signature service DocuSign confirmed Monday it had been hacked and a third-party was able to access a database that contained customer information.

DocuSign said the hacker was able to access user email addresses but said no names, physical addresses, passwords, social security numbers, credit card data or other information was exposed.

Read: Google Docs Phishing Scam: Email Attack Hijacks User Accounts By Posing As Google Docs

DocuSign’s forensic analysis indicated the hacker was able to gain temporary access to a noncore server kept separate from the company’s primary databases that communicate service-related announcements to users via email.

The company assured users documents sent through the DocuSign’s eSignature system — which is commonly used to electronically sign documents such as business contracts — were not compromised.

“DocuSign’s core eSignature service, envelopes and customer documents and data remain secure,” the company said.

While the database hack may not have exposed much by way of personal or private information, it does reveal more about a case of malicious emails disguised to look like emails from DocuSign that hit inboxes last month.

Read: Phishing Scams: How To Identify Fraudulent Emails That Want To Steal Your Money, Identity

A number of users have received emails purporting to be from DocuSign that have subject lines like: “Completed: [domain name] – Wire Transfer Instructions for [recipient name] Document Ready for Signature” or “Completed [domain name/email address] – Accounting Invoice [Number] Document Ready for Signature.”

The emails were not sent by DocuSign but rather by the third-party actor who gained access to the email database of DocuSign customers. The messages are sent with attachments — often PDF, Word or .zip files — that are designed to appear like a document that needs to be signed but actually contain malware.

“In short, the malicious emails pretending to come from DocuSign were sent by an unauthorized third-party who had accessed email addresses via one of DocuSign’s noncore systems. The hackers then sent out phishing emails to those email addresses,” DocuSign confirmed.

The company noted it does not send emails with file attachments and advised customers who receive the malicious emails to forward them to spam@docusign.com, then delete them from their inboxes .

DocuSign’s issues are just the latest in an increase in phishing attempts that have tricked users into opening documents. Earlier this month, a malicious actor was able to gain access to Gmail accounts by creating an app that posed as Google Docs and asked for complete access to the user’s Gmail account and contacts.

Earlier this year, Microsoft exposed potentially sensitive documents uploaded to the company’s website Docs.com, a document hosting site that allowed any person to search files that were made public by default.

RELATED STORIES
Google Malware