Security Thought Leader on DocuSign Breach: “Yet Another Wakeup Call”

Digital signature service company DocuSign announced a security breach last Monday: A database of customer's emails had been stolen and used in a phishing campaign. But was the latest in a seemingly endless series of data breaches and hacking attempts actually that big a deal? Tech.Co sought the advice of one leader in the security sector.

We Need a Change

Robert Block, SVP of Identity Strategy at the security company SecureAuth, had this to say about the data breach and the stolen email list:

“The DocuSign breach is yet another wakeup call for organizations to move beyond simple user name and password based credential security, where attackers share this information causing further damage. The way organizations are approaching authentication and securing credentials needs to be rethought for cyber security strategy & investment to have any shot and being successful.”

Study: Does anyone actually care about their online security?

So What's in the Future?

Can we expect the problem to get worse? If we don't learn from our wakeup calls, nothing's going to change. Here's how Block suggests we push ahead:

“Even simple two-factor authentication is no longer enough to safeguard against today’s attacks. Pushing forward, organizations are realizing they need to adopt a fundamentally new approach to prevent to misuse of stolen credentials that doesn’t just add an extra step to users authentication process, but instead provides effective protection while providing a good user experience. Modern approaches such as adaptive access control techniques and identity based detection work invisibly to the user but work to protect, detect, and ultimately remediate attacks essentially rendering stolen credentials useless.

Once we focus on preventing misuse of instead of securing the credential than we will see a reduction in compromised credentials resulting in data breaches.”

In the meantime? We would recommend any DocuSign customers update their passwords and ignore any suspicious email.

Read more about cybersecurity at Tech.Co.`

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Adam is a writer at and has worked as a tech writer, blogger and copy editor for more than a decade. He was a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and his art history book on 1970s sci-fi, 'Worlds Beyond Time,' is out from Abrams Books in July 2023. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is's top-rated VPN service See Deals