What to do if you’ve been hacked

It is sometimes difficult to tell if you’ve been hacked. However, indicators such as your email contacts are receiving phishy emails from you, programs are running that you never downloaded or installed programs are crashing are all red flags of a possible hacking attempt.

Even if you aren’t certain whether your device or account has been hacked, take the following measures to protect your data against cyber threats:

  • Change your affected passwords. Immediately change the password on any affected account, using a different device than the one that was hacked. Though it is never a good practice to share or have similar passwords across accounts, if you do, ensure you change those passwords as well. To secure your data, follow recommendations for using strong passwords as well as the NC State Password Standard for all university accounts.
  • Scan your device for viruses and malware. Using reputable antivirus and antimalware software, run a scan on your device to detect and remove any sort of infection.
  • Alert your account’s fraud department. For sensitive data accounts, such as for banking or online shopping, contact the company to let them know your account may have been compromised. They can monitor activity or put holds on financial transactions, if needed. Ensure you also review your account activity and report any unusual findings.
  • Let your contacts know about the hack. Hackers often gain access to other accounts using phishing tactics from accounts they’ve already accessed, since people are less suspicious of emails coming from someone they know. If you’ve been hacked, use another device or method to inform your contacts, so that they will be on the lookout for any suspicious communications that appear to come from you.
  • Update your software and apps. Make sure you keep your software and apps up-to-date, patched and running on the most current version of your operating system. Also ensure your antivirus software is updated prior to downloading application to help block new types of viruses and malware.
  • Always be prepared with backups. Back up your data in case your information is ever compromised. Consider storing data on an external drive and in trusted cloud storage.
  • Take additional steps to secure your data. Follow Safe Computing at NC State recommendations and basic steps for your online safety and security, including enrolling in any two-factor authentication (2FA) methods available on your accounts. Google 2-Step and Duo are both available and required for NC State employees.

If you believe any device you use to store or transmit university data has been compromised, contact the NC State Help Desk at help@ncsu.edu or 919.515.4357 (HELP).