Skip to main content
Account SecurityHome & Business5 min read · Updated June 2026
Woman looking worried and concerned at a laptop screen

How to Check If You've Been Hacked

Not all hacking is obvious. Criminals increasingly stay hidden — quietly collecting passwords, monitoring accounts, or selling data — without triggering any visible alert. This checklist helps you find out whether your accounts or devices have been compromised. Work through each step systematically. If you find something wrong, take the action listed before continuing.

Step 1 — Check Have I Been Pwned

Visit haveibeenpwned.com — a free service endorsed by the NCSC that tracks known data breaches. Enter your email address to see every breach in which your details appeared, and what data was exposed.

If your email appears in a breach: Change your password on that service immediately. If you used the same password elsewhere, change those accounts too.

haveibeenpwned.com was created by security researcher Troy Hunt and does not store or sell your data.

Step 2 — Review Your Account Login History

Most major services show a list of recent logins and the devices used:

  • Google: myaccount.google.com → Security → Your devices
  • Facebook / Instagram: Settings → Password and Security → Where you're logged in
  • Microsoft: account.microsoft.com → Security → Sign-in activity
  • Apple: Settings → [your name] → scroll down to view your devices

Look for: Logins from locations you do not recognise, devices you do not own, or activity at unusual times (e.g. 3am logins you did not make). Remove any unrecognised sessions immediately.

Step 3 — Check Your Email Account Carefully

Your email account is the most valuable target — it controls password resets for every other account. Look for:

  • Emails in your Sent folder you did not write
  • Contacts receiving messages from you that you did not send
  • Email forwarding rules or filters you did not create (criminals set these to silently forward copies of your emails)
  • Password reset requests for accounts you did not initiate

Step 4 — Review Your Financial Accounts

Log in to your bank and credit card accounts and review the last 60 days:

  • Small, unfamiliar charges (criminals often test stolen card details with small transactions before larger purchases)
  • Direct debits or standing orders you do not recognise
  • New payees added that you did not set up

If you find anything suspicious, contact your bank immediately on the number on the back of your card.

Get your free personalised cybersecurity plan

Answer a few quick questions and we'll build a step-by-step plan tailored to your situation — no jargon, no credit card required.

Start for free →

Step 5 — Scan Your Devices for Malware

Run a security scan on each device you use:

  • Windows: Windows Security → Virus & Threat Protection → Quick Scan
  • Mac: Malwarebytes free version (malwarebytes.com)
  • Mobile (Android): Malwarebytes or Bitdefender
  • iPhone: Malware is rare on iOS. Focus on reviewing app permissions and account access instead.

Disconnect from the internet while the scan runs.

Step 6 — Review App Permissions

Apps can quietly access your camera, microphone, location, and contacts. Check what has been granted access:

  • iPhone: Settings → Privacy & Security
  • Android: Settings → Apps → Permissions
  • Windows: Settings → Privacy & Security → App Permissions

Revoke access for any app that does not need it — particularly camera and microphone permissions.

If You Find Something Wrong

  1. Change the password on the affected account immediately
  2. Enable two-factor authentication
  3. Contact your bank if any financial data was involved
  4. Report to Action Fraud: actionfraud.police.uk or 0300 123 2040
  5. Register for a free Cyber Nova AI account to get a prioritised recovery and protection plan for your situation

Related guides

Am I Being Hacked?

Signs your device or accounts may be compromised right now.

How to Recover a Hacked Account

If you find something wrong, follow these steps to recover access.

What Is Two-Factor Authentication?

Enable 2FA now to prevent future breaches.

Frequently asked questions

How can I tell if my email account has been hacked?

Check haveibeenpwned.com, review your Sent folder for emails you did not write, look for forwarding rules you did not create, and check your login history for unrecognised devices.

Is Have I Been Pwned safe to use?

Yes. It is independently operated, endorsed by the National Cyber Security Centre, and does not store or sell your data. It only checks your email address against known breach databases.

What should I do if I find I've been hacked?

Change the affected password immediately, enable two-factor authentication, contact your bank if any financial accounts are involved, and report to Action Fraud at actionfraud.police.uk.