Hacked account: what to do to take back control fast
Has your account been hacked? Here are the steps to recover it: a clean device, a new password, two-factor authentication, and warning your contacts.
Updated on June 15, 2026 · 2 min read
A login alert you did not trigger, messages you never sent, a password that suddenly stops working: the signs of a hacked account can be brutal. Panic is a poor adviser. By acting in the right order, you limit the damage and take back control faster than it might seem.
Take back control without delay
The first step is to recover access. Start the recovery process the service offers (forgotten password, identity confirmation) from a clean device, meaning a computer or phone you are sure is not compromised. Avoid the device where the incident may have begun until it has been checked.
If the attacker changed the email address or recovery phone number, contact the service's official support directly. Most have a dedicated path for compromised accounts, where you prove your identity to regain control.
Change the password, and the right kind
Once you have access again, change the password immediately, from that clean device. Choose a password that is long, unique, and never used anywhere else. This is the crucial point: a password reused across several accounts turns a single breach into a chain of breaches.
To know whether your new password is genuinely strong, test its robustness with our password checker. To avoid having to memorise dozens of them while keeping a distinct password everywhere, a manager like Dashlane generates and stores unique credentials for each service.
Lock the account down thoroughly
Regaining access is not enough: you have to make sure the attacker has no back door left.
- Turn on two-factor authentication (2FA) if you have not already, ideally through a dedicated app rather than plain SMS.
- Check active sessions and sign out of every unknown one from the security settings.
- Review your email forwarding rules. An attacker often adds an automatic redirect or filter to intercept your emails without your knowledge. Delete any setting you did not create.
- Re-examine the permissions granted to third-party apps and remove those you do not recognise.
Also think about your backup email addresses and phone numbers: make sure they point to you, and not to a contact the attacker added.
Warn others and stay watchful
A hacked account is often used against the people around you. Warn your contacts so they treat any message or request for money sent in your name during the incident with suspicion.
If the same password was used elsewhere, change it on every affected account right away. Then, for a few weeks, watch for reset emails you did not request, a sign of a fresh attempt.
If you have suffered harm, report the facts to a national fraud service such as Action Fraud. To place this hack in the wider context of identity theft, see the identity theft guide.
Partner links: we may earn a commission, at no extra cost to you.
FAQ
- I can no longer log in. How do I get my account back?
- Use the service's recovery process from a clean device, through your backup email address or phone number. If the attacker changed them, contact the service's support directly and prove your identity to regain access.
- Should I warn my contacts after a hack?
- Yes. A hacked account is often used to deceive or solicit the people close to you with fraudulent messages or requests for money. Warn your contacts so they ignore any suspicious message sent in your name during the incident.
Related reading
Data breach: the steps to take without delay
Has your data leaked? Check your exposure, change reused passwords, watch your accounts, and outsmart the targeted phishing that follows.
Identity theft: how data gets stolen and how to lock it down
Data leaks, account takeover, fake government services. Practical steps to protect your identity with unique passwords, 2FA, monitoring and data removal.