When you lose control of an account because a person stole your password or a hacker used a computer program to generate a password and accessed your email, financial, social media or other account, it can be difficult to know exactly what to do next.
The best process to follow is based on the cause of the problem.
Changing your password is, of course, essential to prevent the hacker from accessing your account in the future. If you use a word that most people would not guess, and special characters and numbers afterward, it can be difficult for anyone to access the account in the future.
Email Account
If the hacked account is an email account, the hacker may have viewed username and password information in email messages stored on the account. It would make sense to change all usernames and passwords for other accounts that may have been identified and potentially accessed.
If a hacker accessed your account and installed malware, which can create spam or other security breach problems, ensuring that the system is protected by an anti-virus program is essential for removing any threat going forward. A strong malware detector is an important step for avoiding a future generation of the hacking experience that you are hoping to put behind you.
Financial Account
A financial account or another account with strong security measures may require an additional login step, such as a symbol. If your account has been hacked, change all login security identifiers to increase the security on the account.
Security Questions
Many accounts today have associated security questions to guarantee the identity of the person logging in. Some security questions are more difficult to guess than others. If a hacker accessed your social media or email accounts, it may be easy to answer your security questions, such as your mother’s maiden name, or the name of your favorite pet. Select those that are more difficult to answer as an additional step to re-establishing security on your accounts.
Password Storage
Storing passwords on a secure cloud storage website is usually the most secure approach to handling multiple passwords that are difficult to remember, particularly following a security breach. The new passwords may be particularly hard to recall, and you may need to change all of them at once, which is no easy task. Never write a password down and store it next to the device you use to access an account, and always change passwords periodically, at least every five months, to avoid hacking activity. A computer that generates random password combinations until it accesses an account usually takes at least six months to create a match. Changing the password will circumvent any activity.
Be Secretive
Do not divulge a username and password combination to anyone, even a close loved one. Some people have different standards regarding privacy and may accidentally reveal the details to someone else, which would breach your security without your knowledge and make your account vulnerable.
Source
http://www.theguardian.com/technology/2014/feb/03/what-to-do-email-hacked-how-to-prevent