Recovering from being hacked

This discussion was created from comments split from: Convert Team account to Individual.

Comments

  • kcmouthpeace
    kcmouthpeace
    Community Member

    I have recently been "hacked" and someone has created an admin account over mine. I've tried deleting their device and changing the password but it's all been to no avail. Tried deleting my Google account to find out it was recovered and started over. I desperately need to know how to remove this slack from my account and any thing else that is causing trouble

  • AGAlumB
    AGAlumB
    1Password Alumni

    @kcmouthpeace: Thanks for reaching out. I hope you don't mind, but I've split your post off into a separate discussion since this doesn't seem to apply to 1Password Teams. It sounds like you're having trouble with your Google account, and I'll be happy to to offer some general suggestions for security and mitigation, but ultimately you may need to contact Google for assistance.

    To prevent someone getting into an account of yours, use a long, randomly-generated, unique password for each site. Using the same password for multiple sites means that one being compromised can result in the same happening to others. Similarly, using a weak password (e.g. something created by a human) means it will be much easier to guess than a computer-generated, random password.

    To stop them from accessing your account if they've already gotten in, change the password to the account. And make sure that there aren't other mechanisms that an attacker could use against you (recover codes for two-factor authentication, security questions, secondary email for password resets, etc. And be sure that you do all of this on a safe device. If you do this on a device that is compromised, they may be able to use you to get right back in.

    If, however, you're using a 1Password.com account and you're concerned that someone has gotten your Secret Key and/or Master Password from you (we don't have these, and also cannot reset or recover them for you), you can always regenerate the Secret Key and change the Master Password from the "Manage" button in your account's Profile.

    I hope this helps. I see you've also emailed us separately, so I'll follow up there as well in case you have any other questions.

    ref: ZPA-67165-584

  • wkleem
    wkleem
    Community Member
    edited June 2017

    Since the hackers have a way of getting back in, apparently, I don't know if you have a phone number listed but mobile SIMs, can, in fact, be cloned.

    I have recently been "hacked" and someone has created an admin account over mine. I've tried deleting their device and changing the password but it's all been to no avail. Tried deleting my Google account to find out it was recovered and started over. I desperately need to know how to remove this slack from my account and any thing else that is causing trouble.

    You may want to turn on 2FA, change passwords, and verify your recovery emails. Also, use an Authentication App and set up the recovery key codes?

    Also, check Google's my device activity page for any suspicious log ins and terminate from Gmail.

    https://myaccount.google.com/security#activity

  • AGAlumB
    AGAlumB
    1Password Alumni

    @wkleem: That's a really useful link, and good advice about two-factor authentication. Thank you! :)

This discussion has been closed.