What to Do if You’ve Been Hacked?

This article is courtesy of our partners at PURE Insurance.

Imagine hopping on the free Wi-Fi at your local coffee shop and checking your bank account. In this brief moment, a hacker gains unauthorized access to your account and begins wiring out funds. Unfortunately, this is a common cyber attack method.

Public Wi-Fi networks at hotels, airports and cafes are notoriously unsecure. You don’t know who set them up or who is connected to them, making great targets for hackers who can track all users’ history.

Avoid these networks and instead use a Mi-Fi (a personal mobile Wi-Fi device such as a hotspot with a unique password) which you can get from your cellular carrier. You can also use a virtual private network (VPN) service, which can be downloaded to your device as an app. Some examples of safe, trusted VPN services are Norton and NordVPN. According to NordVPN, “A VPN reroutes your traffic through a remote, secure server, encrypting it in the process.” A VPN allows your data to travel through a private, secure “tunnel,” keeping it away from others’ prying eyes.

According to recent analysis, the United States continues to experience the most data breaches of any country with 49.9 million alone in the second quarter of 2023. Russia trailed behind with 15.2 million. Worldwide, the second quarter of 2023 also saw a 156% increase in breached accounts compared to the first quarter.

Sensible security measures to protect your online information can help you avoid joining this statistic, but given the increasing severity and frequency of cyber and ransomware attacks, there is no perfect solution. So, it’s important to know how to minimize your exposure the moment it occurs and how to better secure your accounts following a malicious breach.

Disable default settings, like auto-connecting to Wi-Fi, to protect sensitive data. Turn off the auto-login feature on banking and credit card apps for added security.

How to Minimize a Cyber-attack

  • Change your passwords as soon as you become aware your account has been hacked.
  • Log out of the compromised account on all devices.
  • Check the login logs for your account. Most cloud services track each and every time you log in to an account. This allows you to see when and from where that account has been accessed.
  • Call your bank if a bank account has been hacked. Immediately inform the financial institution and add a fraud alert to your credit report. This will make it harder to open a new account under your name if your identity has been stolen. Adding a fraud alert is free, good for 90 days, and if you add it to one credit-reporting agency, it will be reported to the other two. It may be prudent to cancel accounts that have been compromised and replace them with new accounts.

Reducing the Likelihood of a Future Attack

Maybe you haven’t had your accounts compromised before, but you’ve gotten a call from your bank about a suspicious transaction attempt or you’ve been asked to reset your account password after a failed login attempt. Whether you are mitigating a cyber threat or taking preventative measures, here are some ways you can help stop cyber attacks on your accounts in the future.

  • Strengthen your password. A strong password is unique, including upper-case and lower-case letters, numbers and special characters. Consider using a mnemonic device to help you remember complex passwords. For example, build a password from the first letter of every word in a song: TtL*hiwWYA5 (“Twinkle, Twinkle Little Star” with special characters, lowercase and capitalized letters, and a number). Place special characters, numbers and capital letters in the middle of your password rather than only at the beginning or end. Never use personal information in your passwords. To view 25 of the most commonly stolen passwords, click here.
  • Enable multi-factor authentication on all your accounts and devices. Most companies that handle sensitive information—from financial institutions to social media platforms—will have a feature in the settings that will allow for multi-factor authentication using your phone or a third-party device. If available, enable account login notifications.
  • Set up credit card alerts to notify you when a transaction occurs so that you can identify fraudulent charges in real time.
  • Set up monitoring services. Note the difference between identity-theft monitoring and cybersecurity monitoring. Both can be beneficial, but cybersecurity monitoring is intended to help prevent cybercrime while identity-theft monitoring is intended to help you react more quickly if fraudulent activity has already occurred.
  • Audit your accounts. Regularly check with accounts you’re still using and which you no longer access. Unused accounts can put your security online at risk because you may not notice when they get breached. You can use the free tool Have I Been Pwned? to quickly and easily check what (if any) data breaches you’ve been involved in.

If your email address was compromised when your account was hacked, establish a new email address that you only use for banking, investment, healthcare and other accounts that hold sensitive information.


From identity theft to phishing emails, phone scams and more, fraud and cybercrime are on the rise as criminals find new ways to exploit vulnerabilities. You are the first line of defense in preventing cybercrime. For more cybersecurity tips or questions, please don’t hesitate to contact us. And be sure to like us on Facebook and follow us on LinkedIn for more news and industry tips.