Hi, it sounds like someone has got access to your account's root user if they were able to change the main email address. Have you been logging in only as the root user, or so you have an IAM user you can still use to get in? AWS advise always applying MFA to the root user and then not using it except in emergencies; you're right about it being way too easy to be locked out if you don't do that.
There are three ways to login as root if you've set them up. Firstly the email address + password + (hopefully) MFA. Failing that, "alternate factors" where you are contacted on the account email address and phone number, but this doesn't help if the email address has changed. Failing that, contacting AWS and using your security questions & answers - if these are set up and whoever broke into your account hasn't reset them, you can get root access this way.
Beyond that I believe you may be able to get access via some legal attestation process but I've never been there so don't know for sure.
- AWS 官方已更新 1 年前