What to Do If You've Been Hacked

If you think you've been hacked, your immediate actions should focus on containing the damage and securing your information.

Immediate Actions

Disconnect from the Internet: Immediately disconnect the compromised device (computer or phone) from the internet (unplug the Ethernet cable or turn off Wi-Fi/mobile data) to prevent further data loss or system damage.
Change Passwords: Using a separate, secure device, change the passwords for critical accounts (email, banking, social media, etc.).
- Create strong, unique passwords that you don't use for any other account. A password manager can help with this.
- If your email was compromised, that is your top priority as it is often the key to resetting other accounts.
Run Antivirus/Anti-Malware Software: Update your security software and run a full system scan on the affected device to identify and remove any malicious software (malware, spyware, etc.). Quarantine any suspicious files found.
Enable Multi-Factor Authentication (MFA): Turn on 2FA or MFA for all accounts that offer it. This adds a critical layer of security.
Check for Suspicious Activity: Review your accounts (bank statements, credit card bills, email sent folders, social media posts/messages) for any activity you don't recognize.

Notify Relevant Parties:
- Financial Institutions: Contact your bank and credit card companies to alert them to potential fraud and monitor for unauthorized charges.
- Contacts: Warn friends and family not to open any suspicious emails or messages from your accounts, as the hacker may use your account for phishing attempts.
- Service Providers: Contact your mobile carrier if you suspect a SIM-swapping scam or similar issue.
Monitor Credit Reports: Place a fraud alert with one of the three major credit bureaus (Equifax, Experian, or TransUnion) to make it harder for new accounts to be opened in your name. You can also order free copies of your credit report from AnnualCreditReport.com to check for unfamiliar activity.
Report the Incident:
- For identity theft, file a report with the Federal Trade Commission (FTC) in the U.S., which provides a personalized recovery plan.
- Report cyber-enabled crimes to the FBI's Internet Crime Complaint Center (IC3) or your local law enforcement agency.
Consider a Factory Reset: If you are still concerned that your device is compromised after running scans, perform a full factory reset. Back up your important data first to an external, uninfected drive or a secure cloud service.

By acting quickly, you can minimize the potential damage and regain control of your digital life.