What to Do If You've Been Hacked — Step by Step 2026
If you suspect your account has been compromised, act fast. Here's the complete response checklist, prioritized by urgency.
Immediate Actions (First 30 Minutes)
- Change your password immediately — Start with the compromised account, then any accounts using the same password
- Enable two-factor authentication (2FA) — Use an authenticator app, not SMS
- Check for unauthorized transactions — Review bank statements and payment accounts
- Log out of all sessions — Most services have a "log out everywhere" option in security settings
- Revoke app access — Check connected apps and remove any you don't recognize
Next 24 Hours
- Check haveibeenpwned.com — See if your email appears in known data breaches
- Run a malware scan — Scan all devices for keyloggers and malware
- Update all passwords — Use a password manager to generate unique passwords
- Notify your bank — If financial data was exposed, request fraud monitoring
- Check email forwarding rules — Hackers often set up forwarding to maintain access
Prevention
- Use a password manager (Bitwarden, 1Password)
- Enable 2FA on every account that supports it
- Never reuse passwords
- Be skeptical of links in emails and messages
- Keep software updated
- Use Nerq to check software trust before installing:
nerq.ai/is-[tool]-safe
Related Guides
How to Spot a Fake Website — 2026 GuideInternet Safety for Kids — Parent Guide Online Shopping Safety Checklist 2026Best Free Antivirus 2026 — Trust RankedIs .exe Safe to Open? File Safety Guide How to Choose a VPN — Independent Guide Browser Extension Safety — What Permissi
Updated March 2026. Source: Nerq independent analysis.