Root Account Hacked


Hi All,

I'm a student and opened my account for learning purpose a year back and suddenly last week I got a mail from amazon of suspicious activity and they have created a ticket . Since then my billing has been around 14k dollars . I keep on following with amazon customer support they provide some h*ll lot of documents to go through before they take any action .

I'm really worried about the billing and I don't want this account as well.

Can anyone help me with solving this like closing this account will help as my bill hasn't been paid


  • Interesting! Did you use the same password on AWS as you did for another website? If so, you should change your passwords immediately, since that's probably how somebody discovered your password.

1 Answer

This is one of the reasons you should ALWAYS enable MFA on the root account the first thing you opened an AWS account.

That said, now that it already happened, you should change your credential, remove access keys/IAM users and enable MFA.

Then delete all resources you are not using in the accounts. You can see what is costing you money in the Billing Dashboard.

Only then should you close the account.

As to the existing charge, you best course of action is following instructions of the customer service and go through the documents as soon as you can.

Here are some details items you should do in such scenarios.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions