Stay Calm — and Act Quickly

Discovering your email has been hacked is alarming, but acting quickly and methodically will give you the best chance of recovering it and minimizing damage. The first hours after a breach are critical. Here's exactly what to do.

Step 1: Try to Log In Immediately

Go directly to your email provider's sign-in page and attempt to log in with your current credentials. If your password still works, you got there in time — the attacker may not have changed it yet. Log in immediately and skip to Step 3.

If your password has been changed and you can't log in, proceed to Step 2.

Step 2: Use the Account Recovery Process

Every major email provider has an account recovery flow. Here's how to reach each one:

  • Gmail: Go to accounts.google.com/signin/recovery — Google will ask you to verify via backup email, phone number, or security questions.
  • Outlook/Hotmail: Visit account.live.com/acsr — Microsoft offers identity verification via a recovery code or trusted contact.
  • Yahoo Mail: Go to login.yahoo.com and click "Trouble signing in?" to begin recovery.

Have your recovery phone number, backup email address, or answers to security questions ready. If those were also changed by the attacker, look for the option to verify via ID or submit a support request.

Step 3: Secure the Account Immediately

Once you regain access, do these things in order — don't skip any steps:

  1. Change your password immediately to a new, strong, unique password.
  2. Check and update your recovery options — verify that your backup email and phone number are still yours and haven't been altered.
  3. Review connected apps and permissions — revoke access to any app or service you don't recognize.
  4. Check your email forwarding rules — attackers often set up silent forwarding to keep reading your emails even after you regain access.
  5. Enable two-factor authentication if it wasn't already active.
  6. Review sent and deleted folders — check what the attacker may have sent from your account or accessed.

Step 4: Assess the Damage

Your email is often the master key to your other accounts. Take stock of what may have been exposed:

  • Which other accounts use this email address for login or password resets?
  • Were financial accounts linked to this email? Check for unauthorized transactions.
  • Did the attacker send messages to your contacts? Warn them not to click any suspicious links they may have received.
  • Were any sensitive documents or personal information visible in your inbox?

Step 5: Secure Your Other Accounts

Change the passwords on any account that uses this email as a login or recovery address, starting with the most sensitive ones: banking, social media, cloud storage, and work accounts.

How to Prevent It From Happening Again

  • Enable two-factor authentication on your email account — this is the single most effective preventive measure.
  • Use a unique, strong password you don't use anywhere else.
  • Be cautious about phishing emails — most email hacks start with a convincing fake login page.
  • Regularly review your account's active sessions and connected apps.
  • Keep your recovery email and phone number current.