I believe my AWS account was hacked on April 8th, and now I've received a bill for $29. I didn't authorize any use of the services. Should I have to pay this bill, and what steps should I take next?
3 Answers
First off, it's important to check your billing details closely. If someone logged in and created resources, you might see charges related to that usage. You mentioned someone accessed your account and created users, which definitely sounds like a breach. You’ll want to look into that and see if it was indeed unauthorized or if it’s something you mistook for a hack.
For your specific case, consider looking into any AWS documentation on securing your account. There are also options to create a support case with AWS directly if you feel your account has definitely been compromised. They can guide you through the situation.
You might be looking at a situation where your password was weak or stolen. If you haven't done so already, change your password immediately and set up multi-factor authentication (MFA). Review your account for any resources you did not create and delete those. If things seem really off, consider contacting AWS support for further assistance.
Related Questions
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads