Skip to content
Cyber Replay logo CYBERREPLAY.COM

Immediate Incident Guidance

Help, I've Been Hacked: What To Do In The First 60 Minutes

If your email, social, bank, or cloud account was compromised, speed matters. Use this checklist to contain the breach quickly and prevent follow-on fraud, impersonation, and wire transfer scams.

More Cybersecurity Help

1. Contain Access Right Away

2. Remove Attacker Persistence

3. Protect Financial & Identity Exposure

4. Recover Safely

Need Immediate Support?

If this involves business email, vendor payment fraud, or repeated suspicious sign-ins, contact Cyber Replay for guided triage and response.

Call (424) 625-4797 Request Rapid Response

Frequently Asked Questions

What should I do first if my account was hacked?

Change your password from a clean device, sign out active sessions, and enable multi-factor authentication immediately.

Should I remove suspicious email rules and app access?

Yes. Attackers commonly add forwarding rules and third-party app tokens. Remove unknown rules, tokens, and delegated mailbox access.

Do I need to notify my contacts after an account breach?

If the account sent phishing or wire transfer requests, notify contacts quickly so they can avoid further compromise.

When should I call a cybersecurity response team?

Call immediately if business email, financial accounts, payroll, or admin credentials are affected, or if you see repeated suspicious sign-ins.