Signs Your Facebook Account Has Been Hacked
If you’ve lost access to your Facebook account, or you’re seeing activity you don’t recognise, your account may have been compromised. Common signs include:
📌 Table of Contents
- Signs Your Facebook Account Has Been Hacked
- Step 1: Try to Log In and Start the Recovery Process
- Step 2: Use “Forgot Password” Recovery Options
- Step 3: Report the Hack to Facebook Directly
- Step 4: Report to Action Fraud (UK)
- Step 5: Secure Any Linked Accounts
- After Recovery: Securing Your Account
- UK Consumer Rights and Data Breach
- Common Hacking Methods (and How to Avoid Them)
- Summary
- You can no longer log in with your password
- Your registered email or phone number has been changed
- Friends are receiving messages you didn’t send
- Your name, profile picture, or personal details have been altered
- Facebook has sent you security alerts about logins from unknown locations
Acting quickly is critical. The sooner you begin recovery, the better your chances of regaining full access.
Step 1: Try to Log In and Start the Recovery Process
Go to facebook.com/login/identify to start Facebook’s account recovery flow. Enter your email address, phone number, name, or username to locate your account. Facebook will then walk you through available recovery options depending on what information is still accessible.
Step 2: Use “Forgot Password” Recovery Options
If the hacker has changed your email or phone number, you’ll need to use the “No longer have access to these?” option. Facebook may ask you to:
- Confirm your identity by answering security questions
- Use a trusted contact (if you set one up previously)
- Submit a government-issued ID for identity verification
For UK users, acceptable ID includes a UK Passport, DVLA Driving Licence, or HM Armed Forces ID card.
Step 3: Report the Hack to Facebook Directly
Go to facebook.com/hacked and follow the steps to report that your account has been compromised. This triggers a specialised review process separate from the standard forgotten password flow, and may give you access to additional recovery options.
Need Help Right Now?
Browse our complete support directory for verified contact methods.
View Contact OptionsStep 4: Report to Action Fraud (UK)
In the UK, account hacking is a criminal offence under the Computer Misuse Act 1990. Report the incident to Action Fraud at actionfraud.police.uk or by calling 0300 123 2040. You’ll receive a crime reference number that can be useful if you need to prove identity theft to Facebook or other services.
If you believe someone in the UK is using your identity fraudulently (e.g. scamming your Facebook friends), this also falls under fraud offences and should be reported to Action Fraud.
Step 5: Secure Any Linked Accounts
If your Facebook was linked to Instagram, WhatsApp, your email, or any third-party apps via “Login with Facebook”, change the passwords for all of those accounts immediately. Hackers often use compromised Facebook accounts as a stepping stone to access other services.
After Recovery: Securing Your Account
Once you’ve regained access, take these immediate steps:
- Change your password to something strong and unique
- Enable two-factor authentication (2FA) via Settings > Security and Login
- Review Active Sessions and log out all unrecognised devices
- Check Apps and Websites and remove any unfamiliar connected apps
- Review recent activity and undo any changes made by the hacker
- Alert your friends that your account was compromised
UK Consumer Rights and Data Breach
Under the UK GDPR (which retained EU GDPR rules post-Brexit), Facebook is required to notify you of a personal data breach that affects your rights. If your account compromise involved a wider platform breach, Meta must report it to the Information Commissioner’s Office (ICO).
If you believe your data has been misused, you can file a complaint with the ICO at ico.org.uk. The ICO has the power to investigate and fine Meta for data protection violations.
Common Hacking Methods (and How to Avoid Them)
Understanding how hackers gain access helps you prevent future incidents:
- Phishing links: Fake login pages that steal your credentials. Always check the URL before entering your password.
- Password reuse: If you use the same password on multiple sites and one is breached, hackers try it on Facebook. Use a unique password.
- Malware: Software that captures your keystrokes. Keep your devices updated and use reputable antivirus software.
- SIM swapping: Criminals convince your mobile provider to transfer your number, gaining access to SMS-based 2FA. Use an authenticator app instead.
Summary
If your Facebook account has been hacked in the UK, start with facebook.com/hacked, use ID verification if needed, and report the crime to Action Fraud. Secure your linked accounts immediately and enable 2FA to prevent it from happening again.
