Some mitigation steps to help you after an e-mail or other online account is compromised. (Things to think about)
1) Change ALL of your passwords and 2-factor when possible. This is especially true if you share the same password among other sites such as banking, facebook, twitter, etc. If you were an administrator of e-mail or the affected service, you should consider forcing all accounts to change their passwords and enable 2-factor as a precaution. When 2-factor is not an option be sure to use at least 16+ character strong passwords. You may wish to a password service such as DashLane (https://www.dashlane.com/en/cs/gRT-IgRWliGW) to secure your passwords (don’t forget to 2-factor your login for DashLane however)
2) Assume all information contained within your e-mail has been compromised. This also includes related online services and data not limited to G Suite Drive, Calendar Events, Photos, Contacts, etc Look for missing items that may have been deleted. You may wish to contact your banking/credit institutions to report your e-mail being hacked so they can put a closer eye on your account. Consider putting a freeze on your credit through the three reporting agencies.
Equifax – www.equifax.com
P.O. Box 740241. Atlanta, GA 30374-0241. 1-800-685-1111.
Experian – www.experian.com
P.O. Box 2104. Allen, TX 75013-0949. 1-888-EXPERIAN (397-3742)
TransUnion – www.transunion.com
P.O. Box 1000. Chester, PA 19022. 1-800-916-8800.
3) Scan your computers/network for viruses.
4) Check your e-mail settings (especially rules) to ensure the hacker did not change your mail filters to route everything to trash. Check your trash bin for items that were trashed and move them back to your inbox as needed.
5) Involve the office in a security discussion to ensure everyone is doing their part to remain vigilant when it comes to the online and physical security of your office and the data that it owns. Remind employees not to take online or phone surveys and never share information about the office with unknown callers. Hackers will spend the time to get to know your company and will often ask smart questions to start putting the puzzle pieces together. Never share personal information over the phone or about another employee. It is recommended to have a security discussions one or more times per year.
6) Look for new accounts or other suspicious activities that the hacker could have done while accessing your account(s). History and other artifacts are usually cleaned as they go through the system. When in doubt call an expert, like HTDNET, to do an extensive review of your accounts and services to minimize risk especially when online banking and other sensitive items may have been compromised.
7) Be sure to report the event to authorities especially if you or someone else suffered a financial loss. One helpeful website is Federal Bureau of Investigation Internet Crime Complaint Center or aka IC3.