What to Do When You’ve Been Hacked (Vital 10 Things to Do)

In today’s digital age, hacking incidents are alarmingly common. Whether you’re an individual or a business, falling victim to a hack can be a daunting experience. If you’ve been hacked, it’s crucial to act swiftly and efficiently to mitigate damage and regain control of your digital presence. This guide will walk you through the necessary actions to take when your accounts or systems have been compromised.

1. Stay Calm and Assess the Situation

When you first discover that you’ve been hacked, it can be a stressful and overwhelming experience. However, it’s essential to stay calm and approach the situation methodically. Here’s how you can effectively assess the situation:

Identify the Affected Accounts or Systems

Start by pinpointing which accounts or systems have been compromised. This could include:

  • Email Accounts: Check for unauthorized login attempts or unfamiliar emails in your sent folder.
  • Bank Accounts: Look for unusual transactions or changes to your account details.
  • Social Media Accounts: Notice any strange posts, messages, or changes in account settings.
  • Computer or Mobile Devices: Be aware of any unusual behavior such as slow performance, unexpected pop-ups, or new programs that you didn’t install.

Determine the Extent of the Breach

Understanding the scope of the breach is crucial in taking appropriate action. Consider the following:

  • Unauthorized Transactions: Check your bank and credit card statements for any unauthorized transactions.
  • Personal Information Exposure: Assess if any sensitive personal information (such as Social Security numbers, passwords, or personal identification numbers) has been accessed or exposed.
  • Communication with Contacts: Look for any unusual communications sent from your accounts, as hackers may attempt to scam your contacts.
  • System Changes: Note any modifications in your system settings, installed applications, or unusual device behavior.

Document Suspicious Activity

Make a detailed record of all suspicious activity. This documentation will be helpful when reporting the breach to relevant parties, such as your bank, service providers, or law enforcement. Include:

  • Dates and Times: Record when you first noticed the breach and any suspicious activities.
  • Description of Activities: Provide detailed descriptions of what was unusual or unauthorized.
  • Screenshots: Take screenshots of any suspicious transactions, messages, or system alerts.

Prioritize the Immediate Threats

While assessing the situation, prioritize dealing with the most critical threats first. If your financial information is compromised, contact your bank immediately to freeze accounts and prevent further unauthorized transactions. If your email is hacked, changing the password should be your top priority to stop further unauthorized access.

2. Disconnect from the Internet

Once you’ve assessed the situation and confirmed that you’ve been hacked, the next crucial step is to disconnect your device from the internet. This prevents the hacker from maintaining remote access to your system and stops any ongoing malicious activities. Here’s a more detailed breakdown of this step:

Immediate Actions to Disconnect

  • Unplug the Ethernet Cable: If you’re using a wired connection, unplug the Ethernet cable from your device.
  • Turn Off Wi-Fi: If you’re connected via Wi-Fi, disable the Wi-Fi connection on your device. You can usually do this by toggling the Wi-Fi setting in your system’s network preferences or using the Wi-Fi button on your device.
  • Turn Off the Router: For added security, you can also turn off your router. This step will disconnect all devices connected to your home or office network, ensuring the hacker loses access.

Why Disconnecting is Important

  • Halts Unauthorized Access: Disconnecting from the internet prevents the hacker from accessing your device remotely, halting any active intrusions.
  • Stops Data Theft: It stops any ongoing data exfiltration, ensuring that no further information is sent to the hacker.
  • Prevents Malware Spread: Disconnecting can prevent malware from spreading to other devices on the same network.

Next Steps After Disconnecting

  • Isolate Affected Devices: Keep the affected device isolated until you can run a full security check. Avoid reconnecting it to the internet until you are sure it’s safe.
  • Use a Secure Device for Communication: If you need to go online to change passwords or contact support, use a different, secure device that you are confident has not been compromised.

By disconnecting from the internet, you’re taking a critical step to contain the breach. This action buys you time to address the situation without the immediate threat of ongoing unauthorized access.

3. Change Your Passwords

After disconnecting from the internet, your next priority should be to change the passwords of your compromised accounts. This step is crucial to regain control and prevent further unauthorized access. Here’s how to effectively manage and change your passwords:

Prioritize Critical Accounts

Start with the most critical accounts, such as:

  • Email Accounts: These are often the gateway to other accounts. Regain control here first.
  • Banking and Financial Accounts: Protect your financial information by changing passwords for your bank, credit card, and other financial services.
  • Social Media Accounts: Prevent hackers from misusing your social media profiles.
  • Work-Related Accounts: If the hack affects your professional life, secure work emails and any platforms you use for business.

How to Create Strong, Secure Passwords

When changing your passwords, ensure they are strong and secure. Here are some tips:

  • Use a Mix of Characters: Combine upper and lower case letters, numbers, and special characters.
  • Avoid Common Words: Don’t use easily guessable information like birthdays, names, or simple words.
  • Make it Long: Aim for at least 12 characters to enhance security.
  • Unique for Each Account: Use a different password for each account to prevent a domino effect if one password is compromised.

Use a Password Manager

A password manager can generate and store complex passwords for you. This tool simplifies the process of maintaining unique, strong passwords for all your accounts. Popular password managers include LastPass, Dashlane, and 1Password.

4. Enable Two-Factor Authentication (2FA)

Enabling two-factor authentication (2FA) is a vital step in securing your accounts after a hacking incident. 2FA adds an extra layer of security, making it much harder for hackers to gain access even if they have your password. Here’s how to effectively set up and manage 2FA:

Understanding Two-Factor Authentication

Two-factor authentication requires two forms of verification to access your account:

  1. Something You Know: Your password.
  2. Something You Have: A secondary code sent to your phone or generated by an app.

This dual verification process ensures that even if a hacker has your password, they cannot access your account without the second factor.

Types of 2FA

There are several types of two-factor authentication methods you can use:

  • SMS-Based 2FA: A code is sent to your mobile phone via SMS.
  • Authenticator Apps: Apps like Google Authenticator, Authy, or Microsoft Authenticator generate time-based one-time passwords (TOTP).
  • Hardware Tokens: Physical devices like YubiKey that generate authentication codes.
  • Biometric 2FA: Use of fingerprints, facial recognition, or retina scans (common on smartphones and some laptops).

How to Enable 2FA

To enable 2FA, follow these general steps, which may vary slightly depending on the service or application:

  1. Log In: Access your account and navigate to the security settings.
  2. Find 2FA Settings: Look for options labeled “Two-Factor Authentication,” “2-Step Verification,” or similar.
  3. Choose Your 2FA Method: Select your preferred 2FA method (SMS, Authenticator App, etc.).
  4. Set Up the Method: Follow the instructions to link your phone number or set up an authenticator app. For hardware tokens, you will usually need to connect the device to your account.
  5. Verify Setup: Complete the setup by entering the code sent to your phone or generated by your authenticator app to confirm that 2FA is correctly configured.
  6. Save Backup Codes: Many services provide backup codes that you can use if you lose access to your primary 2FA method. Store these codes in a secure place.

Benefits of Using Authenticator Apps

Authenticator apps are often recommended over SMS-based 2FA due to their enhanced security features:

  • Reduced Risk of SIM Swapping: SMS-based 2FA can be compromised through SIM swapping, where attackers transfer your phone number to their device. Authenticator apps are not vulnerable to this attack.
  • Offline Capability: Authenticator apps generate codes without needing an internet connection.
  • Multiple Accounts: You can manage multiple 2FA accounts from one app.

Best Practices for 2FA

  • Enable 2FA on All Accounts: Any account that offers 2FA should have it enabled. Prioritize email, financial, and social media accounts.
  • Keep Authenticator App Secure: Protect access to your authenticator app with a strong password or biometric lock.
  • Backup Methods: Have a backup 2FA method (such as a secondary phone number or another authenticator app) to ensure you can still access your accounts if your primary method fails.

5. Scan for Malware

After securing your accounts with new passwords and two-factor authentication, the next crucial step is to scan your devices for malware. Malware can linger on your system, continuing to steal information or cause damage even after you’ve taken other protective measures. Here’s how to effectively scan for and remove malware:

Understand What Malware Is

Malware (malicious software) includes viruses, spyware, ransomware, and other harmful programs that can infiltrate your device. It can:

  • Steal Personal Information: Keyloggers can capture your keystrokes, including passwords.
  • Damage Files: Viruses can corrupt or delete your files.
  • Monitor Activity: Spyware can track your online activities.
  • Extort Money: Ransomware can lock your files and demand payment for access.

Choosing the Right Antivirus Software

To scan for malware, you need reliable antivirus software. Consider the following popular and reputable options:

  • Norton Antivirus
  • McAfee
  • Bitdefender
  • Kaspersky
  • Malwarebytes

Ensure your antivirus software is up-to-date to recognize and deal with the latest threats.

Steps to Scan for Malware

  1. Install or Update Antivirus Software:
    • Download and install your chosen antivirus software if you don’t already have it.
    • Make sure the software is updated to the latest version to detect the most recent malware.
  2. Run a Full System Scan:
    • Open the antivirus software and select the option for a full system scan. This scan will check all files and programs on your device.
    • Allow the scan to complete, which may take some time depending on the size of your hard drive and the number of files.
  3. Review Scan Results:
    • Once the scan is complete, review the results carefully.
    • The software will identify any detected malware and suggest actions, such as quarantine or removal.
  4. Remove Detected Malware:
    • Follow the antivirus software’s recommendations to remove or quarantine the detected threats.
    • Restart your device if prompted to complete the removal process.

6. Notify Relevant Parties

After securing your devices and accounts, it’s essential to inform relevant parties about the breach. Promptly notifying those who need to know helps prevent further damage, protect your information, and start the process of recovery. Here’s how to effectively notify the appropriate parties:

Inform Your Bank and Financial Institutions

If the hack involved financial information or transactions, immediately contact your bank and any other financial institutions you use. Here’s what to do:

  1. Call Customer Service:
    • Use the customer service number on the back of your card or from the institution’s website. Avoid using contact information from suspicious emails or messages.
  2. Report Unauthorized Transactions:
    • Provide details of any suspicious transactions and request that they be investigated.
    • Ask for temporary holds or freezes on your accounts to prevent further unauthorized transactions.
  3. Request New Cards:
    • If your credit or debit card information was compromised, request new cards with different numbers.
  4. Change PINs and Online Banking Passwords:
    • Change your PINs and passwords for online banking immediately.
  5. Monitor Accounts:
    • Regularly check your account statements for further suspicious activity.

Notify Your Employer

If the hack involves work-related accounts or information, inform your employer or IT department as soon as possible. They can help secure your work accounts and take necessary steps to protect the organization. Actions may include:

  1. Report the Incident:
    • Contact your supervisor or IT department and explain the situation.
  2. Follow Company Protocols:
    • Follow any company protocols for reporting security incidents.
  3. IT Assistance:
    • Allow the IT team to check your work devices and accounts for breaches and assist in securing them.

Inform Friends and Family

If your personal email or social media accounts were hacked, notify your contacts. This can help prevent them from falling victim to scams or phishing attempts sent from your compromised accounts. Here’s how:

  1. Send a Warning Message:
    • Use a secure account to send a message informing your contacts that your account was hacked and to ignore any suspicious messages or links.
  2. Post a Public Notice:
    • If your social media account was hacked, post a public notice after regaining control to alert others.
  3. Advise Caution:
    • Encourage your contacts to be cautious of unusual messages or requests that seem to come from you.

Report the Incident to Authorities

For serious breaches, especially those involving financial fraud or identity theft, it’s important to report the incident to the relevant authorities. Steps include:

  1. File a Police Report:
    • Contact your local police department to file a report. Provide all relevant details and documentation.
  2. Report Identity Theft:
    • Report your stolen identity to the Federal Trade Commission (FTC) via IdentityTheft.gov or your country’s equivalent authority.
  3. Contact the Cybercrime Unit:
    • Many countries have specialized units for handling cybercrimes. Reporting to these units can help with the investigation and potentially track down the perpetrators.

Notify Other Affected Services

Depending on the nature of the hack, you might need to notify other services or organizations. This includes:

  1. Email Providers:
    • Inform your email service provider about the breach. They can help secure your account and monitor for suspicious activity.
  2. Online Services:
    • Notify any other online services where your accounts were compromised, such as cloud storage, e-commerce sites, or subscription services.
  3. Insurance Providers:
    • If you have cybersecurity insurance, contact your provider to report the incident and get assistance with recovery and protection measures.

Document Your Notifications

Keep a record of all notifications you make, including:

  1. Dates and Times:
    • Record when you notified each party.
  2. Contact Information:
    • Note the names and contact details of the people you spoke with.
  3. Summary of Discussions:
    • Briefly summarize what was discussed and any actions taken.

By notifying relevant parties promptly, you help prevent further damage and facilitate the process of securing your information. Clear communication with these parties is crucial in minimizing the impact of the hack and recovering your accounts and information.

7. Monitor Your Accounts

After securing your accounts and notifying relevant parties, continuously monitoring your accounts is crucial. Here’s a concise guide to effectively keep an eye on your accounts:

Regularly Check Financial Statements

  • Bank and Credit Cards: Review statements for unauthorized transactions.
  • Investment Accounts: Look for any unusual activity.

Set Up Alerts

  • Transaction Alerts: Enable notifications for transactions over a certain amount or for all transactions.
  • Login Alerts: Get notified of logins from new devices or locations.

Review Account Settings

  • Email and Social Media: Regularly check for changes in account settings, recovery options, and connected devices.
  • Online Services: Periodically review security settings for cloud storage, shopping sites, and other services.

Monitor Your Credit Report

  • Credit Bureaus: Check your credit reports regularly for any new or suspicious accounts.
  • Fraud Alerts: Consider placing a fraud alert or credit freeze to prevent unauthorized accounts from being opened.

Use Identity Theft Protection Services

  • Monitoring: Consider services that offer real-time monitoring and alerts for suspicious activity.
  • Recovery Assistance: These services often provide help if your identity is stolen.

8. Update Your Security Settings

After addressing the immediate aftermath of a hack, it’s essential to review and update your security settings across all your accounts. Here’s how to effectively enhance your security:

Adjust Privacy Settings

  • Social Media: Review and tighten privacy settings to control who can see your posts and personal information.
  • Email: Ensure your email account settings restrict access and protect sensitive communications.

Review App Permissions

  • Mobile Devices: Check and limit permissions granted to apps, such as access to contacts, location, and camera.
  • Social Media and Online Services: Revoke access from apps and services you no longer use or trust.

Remove Unrecognized Devices

  • Account Settings: Remove any devices or computers from your account that you don’t recognize or no longer use.
  • Security Checkup: Use security checkup tools provided by platforms to audit connected devices.

Update Security Software

  • Antivirus and Firewall: Ensure your antivirus software is up to date and active. Enable firewall protections on your devices.

Enable Account Recovery Options

  • Email and Online Accounts: Set up and verify account recovery options, such as alternate email addresses or phone numbers.

Use Stronger Authentication

  • Two-Factor Authentication (2FA): Enable 2FA on all accounts that support it for an added layer of security.

Regularly Change Passwords

  • Password Management: Update passwords regularly, using strong, unique combinations for each account.

Stay Informed

  • Cybersecurity Updates: Keep abreast of the latest cybersecurity threats and best practices through reputable sources.

9. Back-Up Important Data

Backing up your important data is crucial to protect against data loss from hacks, hardware failures, or other unforeseen events. Here’s a simple guide to help you secure your valuable information:

Choose Your Backup Method

  • Cloud Storage: Use reliable cloud services like Google Drive, Dropbox, or iCloud to store your data securely online.
  • External Hard Drive: Regularly back up files to an external hard drive that you keep disconnected from your computer when not in use.
  • USB Flash Drive: Use a USB drive for smaller backups that you can store in a secure location.

Automate Your Backups

  • Scheduled Backups: Set up automatic backups on a regular schedule to ensure your data is always up to date.
  • Backup Software: Use backup software that encrypts your data for added security during transfer and storage.

Prioritize Important Data

  • Documents: Back up work documents, financial records, and any other critical files.
  • Photos and Videos: Protect precious memories by backing up family photos and videos.
  • Personal Files: Include important emails, contacts, and personal projects.

Test Your Backups

  • Verify Integrity: Regularly check your backups to ensure they are complete and accessible.
  • Restore Tests: Practice restoring files from your backups to ensure you can retrieve them when needed.

Store Securely

  • Encryption: Use encryption methods when storing sensitive data to protect it from unauthorized access.
  • Offsite Storage: Keep an offsite backup in case of physical damage or theft of your primary storage devices.

Maintain Regular Backups

  • Consistency: Make backing up a habit by scheduling it regularly, such as weekly or monthly.
  • Updates: Update your backups when you make significant changes or additions to your data.

10. Educate Yourself

After experiencing a hack, educating yourself about cybersecurity is essential to prevent future incidents. Here’s a simple guide to improve your knowledge:

Understand Common Threats

  • Phishing: Learn how to spot phishing emails and messages that trick you into revealing personal information.
  • Malware: Understand different types of malware and how they can infect your devices.
  • Social Engineering: Recognize tactics used by hackers to manipulate people into divulging sensitive information.

Learn Basic Security Practices

  • Strong Passwords: Create and manage strong, unique passwords for each account.
  • Two-Factor Authentication (2FA): Enable 2FA wherever possible for added security.
  • Software Updates: Regularly update your operating system, apps, and antivirus software to protect against vulnerabilities.

Protect Your Personal Information

  • Privacy Settings: Adjust privacy settings on social media and online accounts to limit what others can see.
  • Safe Browsing: Use secure websites (HTTPS) and be cautious of clicking on suspicious links.

Be Cautious Online

  • Email Safety: Avoid opening attachments or clicking links from unknown or suspicious sources.
  • Public Wi-Fi: Use a virtual private network (VPN) when connecting to public Wi-Fi networks to secure your internet connection.

Stay Informed

  • Follow Reliable Sources: Stay updated on cybersecurity news and trends from reputable sources.
  • Educational Resources: Utilize online courses, articles, and webinars to deepen your understanding of cybersecurity practices.

Practice Good Habits

  • Backup Data: Regularly back up important files to protect against data loss due to hacks or malware.
  • Review Accounts: Periodically review your financial statements and online accounts for any unauthorized activity.

Frequently Asked Questions (FAQs)

1) What is the first thing you do when you get hacked?

When you discover that you’ve been hacked, the first thing to do is disconnect from the internet. This action helps prevent further unauthorized access and stops ongoing malicious activities. After disconnecting, assess the situation to determine the extent of the breach and take necessary steps to secure your accounts and devices.

2) What are 3 things you can do to avoid being hacked?

To reduce the risk of being hacked, consider these three proactive measures:

  1. Use Strong Passwords and Enable Two-Factor Authentication (2FA): Create complex passwords and enable 2FA for an added layer of security.
  2. Stay Updated: Regularly update your operating system, software, and antivirus programs to protect against vulnerabilities and exploits.
  3. Be Cautious Online: Avoid clicking on suspicious links or downloading attachments from unknown sources. Use secure connections (HTTPS) and consider using a virtual private network (VPN) when accessing public Wi-Fi.

3) What should I do if my phone has been hacked?

If you suspect your phone has been hacked, take the following steps:

  • Disconnect from Networks: Turn off Wi-Fi and mobile data to disconnect from potential hacker access points.
  • Scan for Malware: Use a reputable antivirus or mobile security app to scan your phone for malware and remove any detected threats.
  • Change Passwords: Immediately change passwords for all accounts accessed through the compromised phone.
  • Update Software: Make sure to update your phone’s operating system and apps to the latest versions to patch security vulnerabilities.
  • Reset to Factory Settings (if necessary): As a last resort, reset your phone to factory settings to remove any persistent malware or unauthorized apps.


Experiencing a hack can be overwhelming, but taking prompt and decisive action can significantly reduce the impact. By following these steps, you can regain control of your accounts and bolster your defenses against future attacks. Stay vigilant and proactive about your digital security to protect yourself in this ever-evolving cyber landscape.