By using AWS re:Post, you agree to the Terms of Use

AWS account hacked

1

My AWS account has been hacked, lots of technical things have been created that I don’t understand (VPS, Network Interfaces and such like) and I cannot delete them, nor get any Amazon customer ‘support’. What should I do??

  • Hi MN

    If you have access to your account: Set up MFA and reset your credentials and all IAM users that have admin. Please note that MFA only secures your console access (in the browser). Without restricting API access with IAM policies which specifically require MFA access you can still access the API without MFA. I would check for any access keys and delete them as well if believed to be compromised. I would then go to your billing dashboard and disable all the resources that are running and set up billing alerts.

    If you do not have access to your account: Reach out to AWS via the following as soon as you can - https://support.aws.amazon.com/#/contacts/aws-account-support

    If anyone has more suggestions, please feel free to add to this or correct me if I have missed something.

2 Answers
1

I have the same problem. Amazon authorized an email change for my account without my consent. They want to charge me an invoice of $ 7,884 to my credit card that I had to cancel because they had stolen my data from amazon. The only response I get from AWS is that I do a series of steps that I don't have the knowledge to do. I am completely helpless. Does anyone know where I can report the case?

answered 4 months ago
  • I have the same problem. AWS support has not been helpful with resolving this, indicating instead that user is responsible for all activities carried out on the account.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions