My Email Was Hacked — What Do I Do Right Now

Few things spike your heart rate like seeing a 'new sign-in from an unknown device' alert and realizing my email was hacked. Your inbox is the master key to nearly every account you own — bank, social, shopping, cloud storage. The next thirty minutes matter.

Take a breath. Then run this playbook in order.

Open your email provider on a device you trust and use the 'forgot password' or 'recover account' flow. If the attacker already changed the recovery email or phone number, contact your provider's support immediately — Gmail, Outlook, Yahoo, and ProtonMail all have account recovery teams that handle hijacks.

Once you're back in, change the password to something long, unique, and never used anywhere else. The instant you realize my email was hacked, assume every password tied to that inbox is compromised too.

This is non-negotiable. Use an authenticator app (Authy, Google Authenticator, 1Password) instead of SMS — text-message codes can be intercepted via SIM-swap attacks. With 2FA on, even a stolen password becomes useless on its own.

Attackers love to set up sneaky email forwarding rules — every password reset email gets silently copied to them while you see nothing. Open your email settings and review filters, forwarding addresses, and connected apps. Delete anything you didn't create.

Then check the 'sent' folder for messages you didn't send and the trash for deletions you didn't make.

Bank, password manager, primary social media, anything tied to money. If my email was hacked, attackers can trigger password resets everywhere — beat them to it by changing those passwords now.

Almost every email hijack traces back to a leaked password from an old breach. Check what data of yours has already been exposed — that tells you which other accounts to harden next.

You don't need to guess whether your information is floating around in a breach dump. ThreatRidge cross-references billions of leaked records and gives you a plain-English Cyber Health Score in about ten seconds. No signup. No credit card. We don't store or sell the email you enter.

If your score comes back low, you'll see exactly where the exposure is and what to do next. If it comes back clean, you'll know you're ahead of most people online — and what to do to stay there.

The best time to check your exposure was yesterday. The second best time is right now. Check your free Cyber Health Score at ThreatRidge.com.