10 Things to Do ASAP When You’ve Been Hacked

Hacking—the unauthorized access of a computer or account—is widespread. A computer gets hacked every 39 seconds on average, according to researchers at the University of Maryland. When a major security breach occurs, often the account or service provider (like Google or Twitter) will notify victims; other times, sadly, folks figure it out for themselves due to such signs of hacking as missing money from a bank account or online passwords being disabled.

However you become aware of a breach, swift action is a must. You will no doubt feel righteously angry and violated, but you mustn’t let your emotions rule you at this time. Take some deep breaths, calm down, and follow these steps to mitigate the damage and protect yourself from future attacks.

It is critical to re-establish control over your accounts once security has been breached. Each provider has slightly different instructions for account recovery and reporting. For example, here’s what Instagram recommends you do if your account has been hacked; in general, your first stop should be the “Account Recovery” section of the website to help you recover your account, or report it, if recovery fails. Once you submit your request, you’ll receive an email asking for additional measures to verify your identity. Apple, Facebook, Google, Microsoft, Twitter, and other platforms all require security questions or other methods of identity verification (like sending a code to your phone).

Related
: 
7 Documents You’re Probably Forgetting to Shred

Your passwords allow access to personal data (like your address, contact list, and bank account info)—and too many of us use the same email and password across multiple websites and accounts. This means that once hacking occurs, any account associated with that email/password is automatically at risk too. Some web browsers, like Google Chrome, allow you to download plug-ins that automatically generate random “strong” passwords, which are much safer than passwords you create (like your pet’s name plus your birthday). You can also set up two-factor authentication for an added layer of security. Save all new account info in a secure location, like 1Password, a secure online platform for saving all your sensitive data in one place.

Perform a personal security audit on all major accounts, double checking your profile and security settings to ensure that the recommended options are in place. It’s also crucial to deauthorize your apps, because third party apps have access to your personal account info, providing an open channel to your email account that clever hackers can exploit, even after you’ve changed your password. Here’s how to revoke access to apps via Google, Facebook and Twitter.

Change your passwords and check your settings to all your other accounts. One security breach can easily lead to others. Look at this experience as an opportunity for a personal security audit of your online presence. Yes, this takes some time, but it’s worth it to boost your security and restore peace of mind.

If your email or social media accounts were hacked, this can affect your friends and contacts as well as you by sending spam (fake) messages to their accounts. First, head for the “Account Recovery” section of the website and follow instructions to prove you are the true account holder. Then message your contacts and let them know that your account was breached. Tell them to disregard any suspicious messages they may have received from “you,” and to double check their own accounts, which may also be compromised.

Call or log into your banking and credit card accounts and make sure no fraudulent activities have been charged. Unauthorized credit card charges are quite easy to spot—if you’re paying attention. So always double check your bank and credit card statements, looking for suspicious activity. See anything unfamiliar? Contact your credit card company immediately. Your bank will cancel your card and issue you a new one. Also remember that it’s safer to use credit cards than debit cards. If thieves gain access to your debit card info, they can steal your own money, rather than a line of credit.

Identity theft is one of the scariest forms of hacking, and can go undetected until you receive a major warning sign such as merchants refusing your business or bills for service and debts you did not incur. Identity thieves are ultimately after money—access to your credit cards, bank accounts, tax refunds, even your health insurance—damaging your credit report and your reputation in the process. If you think this has happened to you, visit IdentityTheft.gov to start a recovery plan.

Related: The Most Common Household Crimes—And How to Protect Yourself in 2020

After a breach, not only are your online accounts at risk, but your computer may be at risk too. Malware—short for malicious software—is designed to harm your computer by interfering with normal functions. Fortunately, there is good software (some of it free, like Malwarebytes) to help root out malware, which invades your operating system in the form of destructive viruses, software, ransomware, spyware, and adware. Want to ensure you don’t accidentally stumble into an unsecure corner of the Web? Install Web of Trust, which is a good preventative measure.

Once you’ve mitigated the risk and regained control of your accounts, do a little detective work. Try to understand why you were targeted by a hacker or malware. Did they want your credit card info? Or was your contact list the main target? Once you figure out why and how you were targeted, you can help prevent future breaches by fixing any holes in your virtual armor. This could be as simple as boosting your password strength, or more involved, like changing your social media settings or using a VPN (virtual private network). Services like ExpressVPN allow you to reclaim your privacy and online anonymity for a monthly fee. With hackers and malware an ever-present threat, your virtual armor needs to be strong and ever-evolving.

Related
: 
10 Tips for Ending Robocalls, Junk Mail, and More