What is How to Check If You've Been Hacked?

If you suspect you've been hacked, here's how to check and what to do.

Check for Data Breaches

• Have I Been Pwned (haveibeenpwned.com): Enter your email to see if it appeared in known breaches
• Firefox Monitor: Mozilla's breach checking service
• Default Privacy's Password Check (/password-check): Checks if passwords have appeared in breaches

Signs Your Account Was Compromised

• Password reset emails you didn't request
• Login notifications from unfamiliar locations or devices
• Sent messages or posts you didn't create
• Account settings changed (email, phone, recovery options)
• Missing emails (attacker set up forwarding rules)

Signs Your Device Was Compromised

• Unusual battery drain or overheating
• Unexpected data usage
• Apps you didn't install
• Device running slowly for no reason
• Webcam/microphone indicator activating unexpectedly

Immediate Steps

1. Change passwords on affected accounts (use a password manager)
2. Enable MFA everywhere (hardware key > TOTP > SMS)
3. Check email forwarding rules — attackers often set up auto-forwarding
4. Review connected apps and revoke unauthorized access
5. Scan devices for malware
6. Check financial accounts for unauthorized transactions
7. Freeze your credit if personal information was exposed