Two lawyers on the State Bar of Michigan Family Law Listserv alerted members to a serious problem with Gmail today. This news and their advice is something I want to pass along to my readers. Email security is always imperative, especially given how often documents with sensitive information are exchanged by a lawyer and client. It is my hope that you'll be able to take the time to secure any email account that you may have with Gmail.
A hacker group out of Russia has released a text file containing the email addresses and passwords to over 5 million GMail accounts. My account was on this list with an old password that I have changed in the last year or two and that thankfully I no longer use for anything. There are ways to check if your account was affected, but that would require downloading a rather large text file and searching it. It's safer to simply assume that your email account has been compromised and to change your GMail password now, as well as on any other sites for which you use the same password. There's no word on how the passwords were obtained unfortunately. That's still being looked into. This information brought to you by Kenneth R. Burger, Law Offices of John Danielski, P.C., 20600 Eureka Road, Suite 444, Taylor, MI 48180
Scott Bassett, a frequent guest author on this Blog about computer technology issues adds this valuable advice:
And equally important, while you are in your Google account settings to change your password, enable Google's two-step verification. The steps are here:
In fact, many Cloud-based services now offer two factor or two step (one in your head, a second in your hand) verification. The most common way to implement this is for the second step to be a text message to your cell phone. That means anyone trying to hack into your account would first need to guess (or steal) your password and would also have to be in physical possession of your phone. It's not likely a Russian hacking group would have your phone, so this greatly increases your security.
Here are a couple of lists, some with detailed "how to" instructions:
This applies to cloud storage and online backup, banks, webmail accounts (Yahoo, Outlook.com, etc.). Doing this, and implementing a password manager like LastPass or Dashlane would be a good weekend project.
Scott Bassett, Esq., 2407 89th Street NW, Bradenton, FL 34209-9443, (248) 232-3840
(248) 928-0355 eFax, Licensed in Michigan Only, Michigan Cases Only
NOTE: There is another email security issue that I've been made aware of in the past few days. One of the first concerns I address with a new client is email security. I want your case to be resolved in the best way possible with the least amount of acrimony. This will help both parties and their children move forward in a more healthy and constructive manner. Please log in tomorrow to read another post about what could be a very prevalent and serious problem with email security--one that, if detected (and it's easily detected) could send the perpetrator to prison for violation of wiretapping laws. You can be sure not to miss this by adding your email address in the upper right hand corner to receive automatic reminders and links to new posts.