When working with victims of domestic violence, Operation: Safe Escape endeavors to recommend, but not necessarily endorse, certain security products and services that may help an individual communicate securely with their support system, our team members, or anyone else that they wish to speak to. For many use cases, one of those recommendations is to use ProtonMail.
Recently, an individual released a statement claiming to have “hacked” ProtonMail and stolen usernames, passwords, and email content. We have received several messages from people that we’ve worked with that are now concerned about their safety. At this time, those claims are unsubstantiated and have been refuted by ProtonMail. At this time, we see no reason to believe that this is anything more than a scam and an attempt to extort money from the company. However, if any information is revealed that substantiates this claim, we will update accordingly.
As a general precaution, we highly recommend that all users change your password to something you haven’t used before and enable two-factor authentication on your accounts. Those recommendations have always been a part of our recommended solution set, so they are likely already in place.
Furthermore, we condemn in the strongest terms any scam or FUD (Fear, Uncertainty, and Doubt) campaign that negatively impacts the safety and perceived safety of victims of domestic violence.
If you are an individual impacted by domestic violence and would like to discuss your concerns, please feel free to reach out to us at firstname.lastname@example.org