A Human’s Guide to Reclaiming Hacked Accounts



Being hacked is stressful, but most accounts can be recovered. This guide walks you through the process in plain English — no jargon, no panic, just clear steps in the right order.

Before you start: If you believe your bank account or financial accounts have been compromised, call your bank directly using the number on the back of your card. Do not follow links in any emails or texts you’ve received.


Step 1: Don’t Panic — Do This First

The moment you suspect a breach, your priority is to limit the damage, not to immediately recover everything. Work through this list:

  • Check which accounts use the same password as the compromised one
  • Change those passwords immediately, starting with your email account
  • Sign out of all active sessions on the hacked account if you still have access
  • Tell someone you trust what’s happening — a second pair of eyes helps

Why email first? Your email is the master key. If a hacker controls your email, they can reset passwords for everything else. Securing it is your single most important action.

Step 2: Check If You’ve Been Breached

Before assuming the worst, verify what’s actually been exposed. Several free tools can tell you whether your email address or passwords have appeared in known data breaches:

If your password appears in a breach, change it everywhere it’s been used — even on sites you haven’t visited in years.

Step 3: Recover Access to the Account

If you’ve been locked out, most platforms have account recovery flows. Go directly to the official site — never click a link in an email or text. Use the official recovery pages for major services:

Watch out for fake recovery pages. Always type the address directly into your browser or search for the official site. Phishing pages are designed to look identical to real login pages — check the URL carefully.

Step 4: Secure the Account Properly

Once you’re back in, don’t just change the password and move on. Do a thorough sweep:

  • Set a new, unique password of at least 16 characters — use a password manager to generate one
  • Enable two-factor authentication (2FA) — an authenticator app is more secure than SMS
  • Review connected apps and revoke access for anything unfamiliar
  • Check email forwarding rules — hackers often set these up to quietly receive copies of your messages
  • Review your recovery email address and phone number — make sure they haven’t been changed
  • Check recent account activity for logins from unfamiliar locations or devices

Recommended free authenticator apps: Google Authenticator, Microsoft Authenticator, and Authy. Avoid relying solely on SMS codes if possible.

Step 5: Assess the Damage

Once the account is secure, find out what the attacker may have accessed or done:

  • Review sent emails and messages for anything sent in your name
  • Check for posts, purchases, or account changes made without your knowledge
  • Look at login history — note dates, times, and locations
  • If financial information was stored, contact the relevant institutions
  • If personal documents were accessible, consider whether identity fraud is a risk

Keep notes of everything you find. If you need to report the incident, having a timeline will be useful.

Step 6: Report It

Reporting isn’t just bureaucracy — it creates a record and may help prevent the same thing happening to others. In the UK, the relevant bodies are:

  • Action Fraud — the UK’s national reporting centre for fraud and cybercrime
  • NCSC — report phishing emails and suspicious websites
  • ICO — if your personal data has been misused
  • Citizens Advice — for guidance on next steps

Also report the incident directly to the platform — this can trigger additional account protections and may help them identify the attacker.

Step 7: Prevent It Happening Again

The single best thing you can do after recovering an account is to build better habits before the next attempt. Three changes will protect you more than anything else:

  • Use a password manager. Unique passwords for every account, generated and stored securely. Bitwarden is free and open-source; 1Password is a popular paid alternative.
  • Turn on 2FA everywhere. Even if someone gets your password, they can’t get in without your second factor.
  • Be suspicious of unsolicited messages. Most account compromises begin with a phishing email or text. When in doubt, go directly to the site rather than clicking links.

The NCSC’s Cyber Aware campaign offers free, practical guidance tailored to UK residents and small businesses.


Updated February 2026