Have You Been Hacked?

With stories of data breaches and hacks emerging almost every day it seems, it’s no wonder we often think we might have become a victim.
2-minute version

Don’t panic – just 1% of households in the UK were successfully hacked in 2022.


Tell-tale signs you might have been hacked:


  • unexpected logins or changes in your online accounts
  • your computer or laptop is slower than usual
  • pop-up ads and windows keep appearing – even outside browsers
  • contacts receiving emails or messages from you that you didn’t send
  • antivirus software being disabled without your knowledge
  • devices crashing or restarting
  • files or documents going missing
  • unusually high broadband or mobile data usage

Steps to take:

  1. Check the have i been pawned? site to see if your email address appears in lists of known hacks.
  2. Install (if necessary), update and run a manual antivirus scan (links to reputable providers here) and follow through to deleting any infected files.
  3. If you feel uncertain, or you now know you’ve been hacked, change passwords on key online accounts e.g. banking, healthcare, email and social media. Use strong, unique passwords – tools available here.
  4. For the longer-term, consider signing-up to the have i been pawned? notification service and to credit monitoring services.

If you’re still unsure, and if you have a cyberSOS:respond, cyberSOS:restore or cyberSOS:protect plan, call our friendly cyber experts at any time of the day or night and we will happily help.


True hacking, thankfully, only affected around 1% of households in the UK in 2022 so, statistically at least, you’re very unlikely to have been affected.

There’s also a world of difference between the consequences of being hacked compared with a device becoming infected with a virus or other malware. If you’d like to understand more, check out our article here.

However, if you’re starting to notice any of the following, it’s probably worth investigating further:

  • unrecognised logins, password changes or transactions in your online accounts
  • notifications about failed login attempts or password reset attempts you didn’t make
  • on your computer or laptop, slow or unusual behaviour, including
  • pop-up ads (especially when you’re not actually in an internet browser), your browser homepage changing without you doing so or you being redirected to unfamiliar websites when you’re surfing
  • contacts receiving messages or emails from you that you didn’t send
  • antivirus software suddenly being disabled without your knowledge
  • laptops and desktop computers crashing frequently or restarting themselves, or displaying error messages you haven’t seen before
  • important files or documents going missing
  • warnings from your broadband or mobile phone provider that you are using unusually high amounts of data 

If any or some of things seem to be happening to you, the first thing to do is don’t panic.

Some or many of these things can be explained away perfectly innocently, so please don’t immediately assume the worst.

Step one

Check in with the fantastic free service, have i been pwned?.

While by no means fool-proof, this service constantly collects and analyses data from known hacks and breaches. There are literally billions of records to search.

Simply put your email address(es) into the search box on their homepage, and the service will tell you if it has seen them in any of the data it has analysed and, if so, when and which breach it was associated with.

By clicking on “Notify Me” on their site, there’s also a pro-active notification service that you can choose to sign-up to if you wish. So rather than having to remember to check manually for any breaches, the site will let you know if it detects your email address in future analysis it does.

All-in-all a great hygiene (and sanity!) check if you’re worried about whether your online accounts have been compromised somewhere. 

Step two

Have you got antivirus software on the device you think might have been hacked?

If so, has it updated recently, and has it been run recently? If the answer to either of those is “no”, then please make sure it is up-to-date and then manually run a scan. We will put a list together of how to do all of that for the top 5 antivirus software providers in the next few weeks.

If you haven’t got any antivirus software running, pop over to our “downloadable tools and software” page and use the download links there to get access to software from reputable antivirus providers. There are FREE options and plenty with free trials, so it needn’t cost you a penny.

Once you’ve installed the software and run a scan, you’ll be in a much better position to know whether your device has been affected by a hack or malware.

Step three

This is the bit that requires a bit more work.

If the antivirus scan tells you that your device has been infected, then let the antivirus software do its thing to remove it (if it can).

If the scan says that your device is clean, it doesn’t mean that your online accounts haven’t been in some way compromised, so if you’re still concerned – and especially if you’ve seen any of the tell-tale signs of being hacked above – then you should seriously consider changing the passwords, particularly on your most sensitive online accounts – like banking, healthcare, email and social media.

Remember to use unique, strong passwords – and if you need help to understand what that means, head over here to our helpful glossary of terms.

If you’d like some assistance in creating strong passwords (and then storing them somewhere safely) you might want to consider a password manager – we have plenty of FREE and free-to-try examples on our “downloadable tools and software” page for you to choose from.


Often the effects of hacking only become obvious over the longer-term.

So subscribing to the have i been pwned? notification service might be a worthwhile thing to do in any case.

On top of that, you might want to sign-up to one of the (some free, many free-to-try) credit monitoring services that are out there. At least then, if someone is impersonating you to apply for financial products, you’ll get the earliest warning possible that it’s happening.

If you’re still unsure, or in any way worried, or don’t know where to start, if you have a cyberSOS:respond, cyberSOS:respond plus, cyberSOS:restore or cyberSOS:protect plan, call our friendly cyber experts at any time of the day or night and we will happily help.

If you don’t have one of our plans, our emergency helpline won’t be open to you this time as there is a 14-day wait period at the start of all our plans, but please take a look at what we can offer for next time.