I'm feeling really overwhelmed and could use some guidance. Last December, my professional email account with Hostinger was hacked. The attacker reached out to me, claiming to have full access and demanded a Bitcoin ransom to "leave me alone." I couldn't afford to pay, so I created a stronger password and logged out all devices. Unfortunately, things escalated from there.
The hacker then managed to delete all the content from my WordPress site—also hosted on Hostinger—and has been attempting logins on various platforms like Facebook, Instagram, and even my old League of Legends account using a VPN. Fortunately, I have two-factor authentication (2FA) enabled, so they haven't succeeded yet.
The hacker even found my personal email address and has been trying to breach it, though 2FA is protecting it. In an alarming twist, they somehow accessed my mother's email account and created two Netflix subscriptions on her profile, but she got that sorted out.
I've changed all my passwords, even those safeguarded by 2FA, but I'm unsure what else I can do. I just want some peace of mind!
So, I have a few questions:
- What steps can I take to completely get rid of this hacker?
- Would creating a new email and moving my accounts to it actually help?
- Is there anything else I might be overlooking?
The stress this situation has caused is really getting to me, and I'm not in a position to rebuild my website after it was destroyed. I'd really appreciate any advice you can share. Thanks for taking the time to read this!
4 Answers
First off, it's essential to report this to the police, even if it feels futile. At least you'll have a record for insurance or identity theft issues. Switching emails might help, but do it methodically. Start with less important accounts and gradually move to the critical ones. Consider reinstalling your operating system—hackers can leave traces behind. Also, make sure your WordPress plugins are updated; outdated or insecure plugins are often the gateway for attacks.
WordPress plugins can be a major vulnerability. It’s worth getting a professional to check their security, or do some research yourself. Migrating to a new email can provide temporary relief, but be aware it’s likely to get leaked in the future. Just focus on securing your accounts. Your luck may change over time, and the attacks might slow down.
I recommend using an email alias service for extra security. This way, you can create unique email addresses for different services and only share your real email with trusted contacts. If one of the aliases gets leaked, you can easily delete it and set up a new one. Also, as you've experienced, never reuse passwords. Consider using a password manager for better protection. Your use of 2FA has been a lifesaver; keep that up and stay vigilant!
At this point, you should treat your email like a precious asset. Changing passwords isn't enough alone—consider high-security passwords, and definitely keep 2FA active everywhere. Just be aware, some of your info may already be out there, so focus on strong, unique passwords moving forward.
Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads