Tips and Best Practices Upon Learning Your Email Was Hacked
If you fear you may have been the victim of email hacking, here are some tips and best practices we recommend to follow in order to prevent further exposure:
1. Change your email password.
- Use either at least 8-10 characters with a variety of upper and lower case with some symbols and numbers, or a 20-character passphrase (example: myaunthastwodaughters)
2. Change your security questions and answers.
- If your password was stolen, your answers to security questions could have been too. Please make the answers unpredictable.
3. Change other passwords.
- If your email password is the same password that you use for other accounts, change your password for such other accounts.
4. Check your email settings.
- Ensure that your “reply to” feature has not been changed or “automatic forwarding” has not been turned on.
5. Conduct the following assessment:
- When did you first discover an issue with your email account?
- Do you know if the issue has been going on for a while or does this appear to be a recent event?
- Have you been able to make any initial determination about what happened?
- Was anyone else in the company other than yourself affected?
- Can you tell whether any emails were sent from your account other than the initial one that was identified?
- Do you have any sensitive data contained in your email account, such as financial information or Social Security numbers, that may have been accessed?
If the issue appears to be more widespread or you fear that sensitive personal data may have been accessed, you should consult with an attorney.
6. Set up two-factor authentication on your email account.
- You will need to provide a code or acknowledge a login attempt on another device after you enter your password, but the extra step helps keep your account more secure.
7. Update your computer system and delete any malware.
- Install antivirus security software if not already installed. Once the software is installed, run the software on your computer to ensure no malware has been installed on your computer.
8. Let your email contacts know.
- Send a message to all your email contacts as soon as possible so they know to avoid opening any emails (most likely loaded with malware) that have come from you.
If you have questions after reviewing the above, please contact a member of Koley Jessen’s Data Privacy and Cybersecurity team for further assistance.
This content is made available for educational purposes only and to give you general information and a general understanding of the law, not to provide specific legal advice. By using this content, you understand there is no attorney-client relationship between you and the publisher. The content should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.