Download the NECU app on iTunes. Dismiss

At Northeast Credit Union we are committed to the protection of your personal and financial information.

What happened?

Recently, DocuSign informed the public that it discovered that someone had hacked into its systems and grabbed some email addresses. However, they confirmed that their own eSignature document verification service hasn’t been breached and its customers’ documents are safe.

How did they find it?

They detected an increase in phishing emails sent to some of their customers and users recently, where the emails “spoofed” the DocuSign brand in an attempt to trick recipients into opening an attached Word document that, when clicked, would install malicious software on their computers.

I've used DocuSign, now what?

If you’ve used DocuSign, please make sure to check back constantly to the company’s website and their dedicated section Trust Center for more information. Its security staff has implemented a plan to secure its systems and has notified law enforcement.

Are there any steps I should follow?

Via their Trust Center, DocuSign has provided some steps clients can take to further ensure you are not affected.

  • Delete any emails with the subject line, “Completed: [domain name] — Wire transfer for recipient-name Document
  • Ready for Signature” and “Completed [domain name/email address] — Accounting Invoice [Number] Document Ready for Signature.” These emails are not from DocuSign. They were sent by a malicious third party and contain a link to malware spam.
  • Forward any suspicious emails related to DocuSign to, and then delete them from your computer.
  • They may appear suspicious because you don’t recognize the sender, weren’t expecting a document to sign, contain misspellings (like “” without an ‘i’ or, contain an attachment, or direct you to a link that starts with anything other than or
  • Ensure your antivirus software is enabled and up to date

As we have recommended in the past, please be cautious when opening email from an non-trusted source. Never open attachments unless you know exactly who sent them and why, and don’t click on links in emails unless the address is valid and trusted. Make sure your browser is up to date and check that a site looks legitimate before entering any personal information.

Help Us Help You

It is very important that we have your current contact information on file including phone numbers for home, work, mobile and email address in case we need to contact you if we suspect your cards have been compromised. Your participation in responding to our contact efforts is critical to preventing potential risk and avoiding restrictions we may place on the use of your card.

         Contact us with your most up-to-date contact information

         Notify us if you will be traveling and using your debit card

         Report a Lost or Stolen Visa Card at 888-436-1847