Emergency Guide

Your Account Was Hacked: Do These Things Immediately

The first 30 minutes after you discover a hacked account determine how much damage gets done. Here's what to do — in order — to stop the bleeding and lock attackers out for good.

Updated: March 2026 | Silent Security Research Team
Most important first step: If possible, do this from a different device than the one you normally use. If your computer or phone is compromised, attackers may be watching what you type.

If You're Locked Out

If you can't log in because your password was changed, go to the account's official login page and use "Forgot password" or "Account recovery." For Google: accounts.google.com/signin/recovery. For Apple: iforgot.apple.com. For Facebook: facebook.com/login/identify. Have your phone or a backup email handy for the recovery code.

Once You're Back In — Do These 8 Things

1. Change your password immediately — make it unique

Use a strong, unique password you've never used anywhere else. This is the moment to start using a password manager if you haven't been. Don't reuse passwords — if this account password was used elsewhere, change it everywhere.

2. Check email forwarding rules — this is the hidden attack

This is what most people miss. Attackers almost always set up a forwarding rule to silently copy all your incoming mail to themselves — so they keep reading your email even after you change your password. In Gmail: Settings → See all settings → Forwarding and POP/IMAP. In Outlook: Settings → Mail → Forwarding. Delete any rules you didn't create.

3. Remove unknown recovery emails and phone numbers

Check your account's security settings. If there's a recovery email address or phone number you don't recognize, remove it immediately — that's how attackers would re-lock you out after you change your password. Replace them with your real recovery options.

4. Sign out of all other sessions

Google: Security → Your devices → remove all others. Apple: your account settings → tap each device you don't recognize → Remove. Facebook: Settings → Security → Where you're logged in → Log out of all sessions. This kicks out anyone who's currently in your account.

5. Review connected apps — revoke anything unfamiliar

Attackers may have authorized a third-party app that gives them ongoing access even after you change your password. In Gmail: Security → Third-party apps with account access. In Facebook: Settings → Apps and Websites. Remove anything you don't recognize or haven't used in a year.

6. Check your sent mail — attackers may have phished your contacts

Open your Sent folder and look for emails you didn't send — especially any with unusual links, requests for money, or "I'm in trouble" messages. If your contacts received phishing emails from your account, you'll want to warn them immediately. Send a message from a clean device explaining what happened.

7. Enable two-factor authentication

Turn on 2FA on every account that supports it — email, social media, banking, cloud storage. Use an authenticator app (Google Authenticator, Authy) rather than SMS codes where possible — SIM-swapping attacks can intercept SMS 2FA. This one step makes future account takeovers dramatically harder.

8. Check haveibeenpwned.com to understand the breach

Enter your email at haveibeenpwned.com to see which data breaches included your credentials. This tells you how attackers likely got your password in the first place and which other accounts may also be compromised. Change passwords on every account listed.
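
For readers comfortable with a script, the forwarding check in step 2 can be automated. This is an added example, not part of the original guide: it audits settings data shaped like the Gmail API's auto-forwarding and filter responses, and the sample data, addresses and the `audit_forwarding` helper are constructed for illustration.

```python
# Constructed sample data in the shape returned by the Gmail API's
# users.settings.getAutoForwarding and users.settings.filters.list calls.
AUTO_FORWARDING = {"enabled": True,
                   "emailAddress": "archive@unknown.example",
                   "disposition": "leaveInInbox"}
FILTERS = [
    {"id": "f1", "criteria": {"from": "newsletter@shop.example"},
     "action": {"addLabelIds": ["Label_7"]}},
    {"id": "f2", "criteria": {"query": "invoice OR password OR bank"},
     "action": {"forward": "drop@mailbox.example",
                "removeLabelIds": ["INBOX", "UNREAD"]}},
    {"id": "f3", "criteria": {"from": "boss@work.example"},
     "action": {"forward": "me@personal.example"}},
]
# Addresses the account owner set up personally (assumption for this example).
TRUSTED = {"me@personal.example"}


def audit_forwarding(auto_forwarding, filters, trusted):
    """Return (source, destination, reason) for every forward to an
    address that is not on the owner's trusted list."""
    trusted = {addr.lower() for addr in trusted}
    findings = []

    # Account-wide forwarding copies every incoming message.
    dest = (auto_forwarding.get("emailAddress") or "").lower()
    if auto_forwarding.get("enabled") and dest not in trusted:
        findings.append(("auto-forwarding", dest,
                         "forwards all mail to an unrecognized address"))

    # Per-filter forwarding copies only mail matching the criteria.
    for flt in filters:
        action = flt.get("action", {})
        dest = (action.get("forward") or "").lower()
        if not dest or dest in trusted:
            continue
        reason = "forwards matching mail to an unrecognized address"
        # A filter that also skips the inbox or trashes the message
        # keeps the owner from ever seeing the original.
        if ("INBOX" in action.get("removeLabelIds", [])
                or "TRASH" in action.get("addLabelIds", [])):
            reason += " and hides the original from the inbox"
        findings.append((f"filter {flt.get('id')}", dest, reason))
    return findings


if __name__ == "__main__":
    for source, dest, reason in audit_forwarding(AUTO_FORWARDING, FILTERS, TRUSTED):
        print(f"{source}: {dest} ({reason})")
```

Anything the script reports should be deleted in the mail settings, and the trusted list should contain only addresses you added yourself.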

If financial accounts were accessible through this email: Call your bank and credit cards immediately. Place a free credit freeze at Equifax, Experian, and TransUnion (annualcreditreport.com) — this prevents new accounts being opened in your name even if attackers have your Social Security number.

The fix: a password manager makes this impossible to repeat

1Password generates and stores unique passwords for every account. Never reuse a password again — and never go through this again.

Frequently Asked Questions

My email was used to send spam. Will I get in trouble?

No — a spam complaint about mail sent from your hacked account isn't a legal issue for you. Most email providers understand this happens. Report the compromise to your email provider through their support channel, and change your password and security settings as described above.

How did this happen if I had a strong password?

Strong passwords don't protect against phishing (where you're tricked into entering your password on a fake site), credential stuffing (your password from an old breach used on this account), or malware on your device. Check haveibeenpwned.com to see if your credentials were in a known data breach.

Is it safe to stay with the same email provider after being hacked?

Usually yes — the provider's systems typically weren't compromised; your individual account was. Once you've secured it following the steps above, the account is generally safe. If you want to move to a more security-focused provider, Proton Mail is a strong choice.

Should I report this to the police?

For most account hacks, police have limited ability to help. However, if money was stolen, if the hack involved extortion or threats, or if it's part of a wider identity theft, file a report — you'll need it for bank disputes or insurance claims.