How to Fix a Compromised Account, or:
What To Do If Your Facebook Account Gets Hacked

Brian Gongol


Part 1: Stop the bleeding

  1. Change your Facebook password right away. Use something temporary; you're going to need to change it again in part 3.
  2. Do the same with any accounts where you've used the same password as you've used on Facebook.
  3. Delete anything that may have been posted in your name by someone else. Check your outbox for messages they may have sent, too.

Part 2: Go into lockdown

  1. Run a comprehensive antivirus sweep on any devices you use. Don't forget laptops, desktops, tablets, smartphones, netbooks, or anything else you may ever have used to log in to the compromised account.
  2. Once complete, change the security passwords on each of those devices.
  3. Change the password on your home WiFi router and any others you may use.
  4. Delete all automatic connections to any wireless networks you may have stored on your devices.

Part 3: Sweep up the remaining mess

  1. Change all of your compromised passwords again (that is, any password used on any account that got hacked, as well as any other accounts where you might have re-used that password).
  2. Change the passwords on any other critical accounts.
  3. Run a backup of any valuable files on your computer and store them in a safe location. If it's really valuable, take the time to record it to a CD-R or DVD-R and store it someplace safe.

Part 4: Keep it from happening again

  1. Don't use unsecured wireless networks anywhere (this includes hotels, restaurants, and stores).
  2. Continue to use different passwords for different accounts. You should not have the same password shared among any critical accounts (including email, social media, online banking, and any other account where your identity could be compromised and cause you headaches).
  3. Be vigilant: Your password may have been stolen when you used an unsecured wireless network. It may have been due to a virus on your computer. It may have happened when you fell for a scam and clicked on a link you shouldn't have. Practice good security hygiene.