Another day, another security breach. Alex Holden, chief information security officer at Hold Security, discovered that 272 million emails are currently being traded in Russia’s criminal underworld. Nearly every major email provider was breached, including Google, Yahoo, and Microsoft.

If you route your email through any of the providers mentioned, here are five steps you can take to mitigate a potential breach:

  1. Change your password. Now is the time to change your password. Read our password guide to make sure you are creating a password that will deter hackers.
  2. Use your domain as your email address. If you are still using,, or, change it and get a real email address using your law firm’s domain. Aside from being more professional, hackers are less likely to catch you in their mass nets when scraping for email credentials.
  3. Enable two-factor authentication. Almost every major email provider offers two-factor authentication, and you should be taking advantage of that. Even if your password is leaked, you are still guarded against nefarious hackers. You should also enable two-factor authentication for other cloud services you use professionally and personally.
  4. Encrypt your email. While the process is a little bit convoluted, you can encrypt your web-based email communications.
  5. Consider setting up a secure portal. Even if you do all the above, email is notorious for being breached. Setup a secure communications portal for your clients to communicate and share documents. You definitely don’t want your client data leaked.

If you’ve done all the above, you can feel relatively confident your email is safe and sound from underground Russian criminals jockeying your credentials. If you haven’t protected your email by following any of the above steps, now is a good time to catch up.

Leave a Reply