By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Root Account Hacked

0

Hi All,

I'm a student and opened my account for learning purpose a year back and suddenly last week I got a mail from amazon of suspicious activity and they have created a ticket . Since then my billing has been around 14k dollars . I keep on following with amazon customer support they provide some h*ll lot of documents to go through before they take any action .

I'm really worried about the billing and I don't want this account as well.

Can anyone help me with solving this like closing this account will help as my bill hasn't been paid

Thanks

  • John Rotenstein
    2 years ago

    Interesting! Did you use the same password on AWS as you did for another website? If so, you should change your passwords immediately, since that's probably how somebody discovered your password.

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
AWS Security HubIncident ResponseAWS Account ManagementAccount Support
Language
English
AWS-User-1286513
asked 2 years ago349 views
1 Answer
1

This is one of the reasons you should ALWAYS enable MFA on the root account the first thing you opened an AWS account.

That said, now that it already happened, you should change your credential, remove access keys/IAM users and enable MFA.

Then delete all resources you are not using in the accounts. You can see what is costing you money in the Billing Dashboard.

Only then should you close the account.

As to the existing charge, you best course of action is following instructions of the customer service and go through the documents as soon as you can.

Here are some details items you should do in such scenarios.

Jason_S
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content