What to do if you’ve been hacked? How do you fix it?

You feel that someone might have recently tried to hack you. However, you use multiple online accounts for work, finance management, and entertainment purposes, so you probably can’t pinpoint which of them the crooks will target.

Most platforms have a customer service center for dealing with hackers. And although you understand what to do if you’ve been hacked, you might not know the most crucial initial steps.

We understand that account hacking threats can feel overwhelming. However, time is of the essence in combating cyberattacks, and even a few hours of delay gives identity thieves the upper hand.

Although we observe preventative measures against privacy invasion, we can still fall victim to cyberattacks like anyone else.

And we have to be prepared if that time comes. So to create an effective, foolproof process for recovering hacked accounts, we scouted official government resources and reputable authorities discussing cybersecurity.

By the end of this piece, you’ll know how to spot, confirm, and combat cyberattacks. 

Please read without skipping! We’ll tell you the worst cybersecurity mistake you can make, which could cost you your entire online identity.

What steps should you take if you’ve been hacked?

Surprisingly, most data breach victims are lax and complacent. Although they understand the dangers of compromised personally identifiable information (PII), they might have delayed taking action because they don’t know what exactly to do.

Sadly, delays give hackers the leeway to extract PII. If you want to stop hackers in their tracks before they take advantage of your exposed data, you’ll need to:

Identify your compromised accounts

Before anything else, identify your hacked accounts. Don’t worry if you can’t pinpoint the hacked profile yet, but at least narrow down your options to hasten the recovery process.

After all, you likely have several different accounts for work and personal use. Although you can secure them all, you need to zero in on the ones hackers will be more inclined to target.

Otherwise, you’ll waste your time checking and verifying the wrong accounts.

Update all your passwords

Password reuse is still one of the most common cyber hygiene concerns. Statistics show that 51% of netizens use similar passwords across their work and personal accounts. 

Sure, reusing the same login credentials prevents forgotten passwords. However, doing so also makes it easier for hackers to access your profiles on different platforms.

Let’s say a hacker gets into your Facebook account. If you use the same password combinations, they could just guess the login info on other more confidential apps (i.e., banking, government benefits).

As such, update the passwords on all your compromised profiles. Also, check your online login activities for unknown login attempts from random devices.

Notify the necessary institutions and agencies

Identify which credit cards, health insurance policies, and bank account hackers might access from your compromised accounts. 

You’ll have to alert your service providers right away. Otherwise, the hackers might take advantage of these policies and steal benefits under your name.

Financial and medical identity fraud cases are relatively common. So pay extra attention, especially if you think the hacker also knows more confidential PII like your policy and card numbers.

Set up fraud alerts with credit bureaus

Reach out to major credit bureaus (Equifax, TransUnion, and Experian) and request to set up fraud alerts. 

You only need to contact one of them. The bureau you choose will forward your request to the other institutions for you, so you won’t have to undergo screening multiple times.

The application process costs nothing. However, you need to file the correct paperwork that justifies your need for fraud alerts. 

Also, bureaus will categorize you based on the following fraud alert types:

  • Initial: The Initial program serves as the default fraud alert system. It accommodates the average U.S. citizen who feels that their identity has been compromised. Although bureaus will only monitor your credit activity for one year, you can reapply as long as you qualify.
  • Extended: An Extended plan only accommodates identity theft victims. You’ll need to submit the identity theft reports you’ve filed with the FTC and your local authorities. Applications will take longer. However, you can rest assured that the bureaus will actively send reports for the next seven years.
  • Active Military: Bureaus offer special monitoring and protection services for active-duty military personnel. Many of them have their identities stolen during deployment, after all.

We encourage setting up these fraud alerts for as long as you can. That way, you’ll know right from the get-go if any unusual banking activity under your name arises.

Monitor online activities

Track down everything that has happened to your online accounts since they’ve been compromised. Report any unauthorized transactions or applications right away.

Also, see if the hacker posted anything on your social media accounts. You’d want to know if someone has been using your profile to spread spam links and messages online.

Try to take control over your compromised accounts

Once you’ve changed the passwords on your hacked accounts and monitored the most recent activities, try regaining control over them. Hopefully, changing login credentials was enough to kick out the hacker.

Of course, you’ll still need to file an incident report. However, you can at least regain your peace of mind knowing that the hacker can’t dig deeper into your profiles.

Freeze your credit lines

Consider freezing your credit accounts if you feel they’ve been compromised. Although suddenly giving up your credit cards is inconvenient, it’s a small price to pay for security.

Trust us—if an identity thief has your card, they’ll use it. Also, it takes much more time and effort to dispute card transactions than to freeze your accounts right from the get-go.

Notify your friends and family

Inform your friends, family, colleagues, and online acquaintances about your situation. You don’t have to disclose the full story, but at least let them know that you lost control of your account.

Remember that crooks use stolen profiles to trick your connections. The scams can range anywhere from petty crimes like asking your friends for money to more grave issues like convincing your spouse to share your ATM pin.

Reassess your online privacy settings

Take this cyberattack as a chance to reassess your privacy settings. Apart from changing your passwords, remove all your logged-in devices and enable two-factor authentication. 

That way, you’ll know if the crook tries logging into your account again.

How do you tell you’ve been hacked?

Hackers only need a few minutes to max out your credit cards. Just imagine what they could do with your PII once they gain access to all your online social media, finance, and work accounts.

In the worst case, they could steal your identity altogether. You might wake up one day to dozens of court orders and criminal records under your name, even if you have nothing to do with them.

For these reasons, familiarize yourself with the warning signs indicating an attack. The sooner you know you’re being hacked, the quicker you can take action and secure your accounts.

Some alarming red flags indicating an attack include:

  • Unauthorized financial transactions, purchases, and loan applications
  • Random court orders or criminal records under your name
  • Posts and messages from your social media account that you didn’t make
  • Sudden drop in credit score/poor credit rating
  • Unwanted software programs, apps, and tools in your device
  • Tampered login credentials

Overall, monitor your online accounts for unusual activities. If you notice any post, message, transaction, or download you didn’t authorize, please look into the issue immediately.

File a report before the hacker accesses your PII.

What can you do to protect yourself from hackers?

When it comes to cybersecurity, prevention is better than cure. The tips we fleshed out above can help you mitigate damages, but you wouldn’t have to rely on them if you secure your accounts in the first place.

To deter hackers, you should:

  • Change your passwords every three months
  • Consider credit protection services
  • Monitor your credit and financial statements
  • Use various email accounts for various differing purposes
  • Avoid shady spam emails riddled with malware
  • Invest in a solid antivirus software program


Based on our research, the most common digital hygiene concern today is that netizens connect all their personal and work accounts. As a result, hackers can quickly extract PII.

For instance, let’s say you use the same email for Facebook and LinkedIn. Once the thief gains access to your Facebook account, they can also try bypassing the login credentials of your LinkedIn profile.

After which, they will use your LinkedIn to access even more accounts.

Overall, all the tips we mentioned above are important. However, if there’s one thing you should do right now, it’s to detach your online accounts from each other, or else you’ll give hackers an easier time stealing your entire online identity.

Keeping your online identity and PII secure

There’s no one-size-fits-all solution on what to do if you’ve been hacked, so make sure you can adapt to the situation. Cyberattacks vary on a case-by-case basis. 

Also, act on the issue as soon as you learn about it. As mentioned above, too many victims ignore the warning signs indicating cyberattacks, putting them at an even greater risk.

If you’re on the fence about the first thing to do, at least identify your compromised assets. That way, you can report the attack to the necessary financial and government institutions and ask them to freeze your accounts.

You won’t stop the attack yet. However, filing the necessary reports and paperwork will give you enough time to plan your next steps.

Act swiftly, but don’t make rash decisions.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Scroll to Top