Account
Compromise

An account becomes compromised when a cyber attacker steals your username and password. Unless you have MFA enabled for that account, the attacker will now be able to log in and access any data associated with it.

Account compromise is often the first step in a larger cyber-attack. If your email account becomes compromised (also known as Business Email Compromise) the attacker may impersonate you and attempt to defraud one of your contacts. An attacker might also use a compromised email account to access other important accounts such as your online banking.

If your laptop account becomes compromised, the attacker might use this access to steal important business data or install malware such as ransomware.

Warning Signs

Watch out for these signs of a compromised account:

  • You are unable to log in, even though you’re sure you are using the correct username and password.
  • Unexpectedly receiving a notification that your password has been reset.
  • Notifications about login attempts on devices and locations you don’t recognise, or at strange times.

Actions

If you believe that any of your accounts have been compromised, take the following steps:
  1. Change your password, making sure to pick something that is long enough and strong enough.
  2. Enable MFA.
  3. Many online services allow you to manage your logins. If available, use this facility to log out of all connected devices.
  4. If your email account has been compromised, it may also be necessary to secure any accounts that use that email as a recovery option, or that use Single Sign-On (SSO) provided by your email service provider.
  5. Report the incident to your local Garda station, and notify any of your contacts that may be affected.