It starts with a notification you didn't ask for. Maybe a "password changed" email at 3:00 AM while you were asleep, or a frantic text from your cousin asking why you’re suddenly selling cheap Ray-Bans or promoting a crypto scam on your timeline. Your stomach drops. You try to log in, but the credentials don't work. The recovery email? Changed. The phone number? Gone. You’re locked out of ten years of photos, memories, and private conversations. It's a digital home invasion. Knowing what to do when Facebook is hacked isn't just about clicking a "forgot password" link; it’s a high-stakes race against an attacker who is currently pillaging your data and social reputation.
The panic is real. But panic is also the enemy of recovery.
Most people make the mistake of trying the same login over and over. They get frustrated and give up. Or worse, they fall for those "recovery experts" on Instagram who claim they can get your account back for $50. Newsflash: those are almost always scams too. Recovering a compromised Meta account requires a very specific, manual set of hurdles. You have to prove to a machine—and sometimes a very overworked human—that you are who you say you are.
The Immediate Response: Stop the Bleeding
If you still have any access at all, even just on one device, move fast. Speed is everything. Hackers usually go for the "grand slam"—they change the email, the password, and enable Two-Factor Authentication (2FA) using their own device. If they beat you to the 2FA step, the door is effectively bolted from the inside.
Check your email inbox immediately. Facebook sends a security alert whenever an email address is changed. Inside that email, there is a tiny, often overlooked link that says "Secure your account" or "This wasn't me." Clicking this is the single most effective way to reverse an unauthorized change because it tells Facebook’s automated systems that the recent "update" was malicious. It bypasses the standard login flow and takes you to a special recovery portal.
What if the email is gone? Maybe they deleted it. Check your "Trash" or "Deleted Items" folder. Hackers often log into the victim's email first—especially if you use the same password for everything—to delete the evidence of their break-in. This is why knowing what to do when Facebook is hacked starts with securing your email account first. If your Gmail or Outlook is compromised, you will never win the Facebook battle. Change that email password right now. Use a 20-character string of nonsense.
Navigating the Facebook Identity Labyrinth
When the standard "Identity" check fails, you have to go to the official recovery hub. Don't Google it and click an ad. Type facebook.com/hacked directly into your browser. This is the official triage center.
Using a Trusted Device
Facebook tracks your "Known Devices." If you try to recover your account from a random laptop at a library, the system will likely reject you. Use the phone you always use. Use the home Wi-Fi you’ve used for years. The IP address match is a silent signal to Meta that you are the legitimate owner. It’s a bit creepy, but in this case, it’s your best friend.
The ID Upload Process
If the hacker changed your 2FA, you’ll likely hit a wall. You'll see a screen asking for a code you don't have. Look for the "Try another way" option. This should eventually lead to a request to upload a photo of your ID. This is where people get stuck. They take a blurry photo of a driver’s license on a messy table. Don't do that.
Place your ID on a flat, dark background. Ensure there is no glare from overhead lights. All four corners of the ID must be visible. Meta’s AI scans these, and if the "Name" and "Birthday" on the ID don't perfectly match your Facebook profile, the bot will auto-reject it. This is a massive problem for people who use nicknames or fake birthdays for privacy. If your profile name is "B-Dawg Smith" but your ID says "Robert Smith," you’re going to have a very hard time.
Why Hackers Even Want Your Account
It’s rarely personal. Unless you’re a celebrity or a high-profile activist, you aren't being targeted by a "mastermind." You were likely caught in a credential stuffing attack or a phishing net.
The value of a hacked account is three-fold:
- Ad Accounts: This is the big one. If you have a credit card linked to a Facebook Business Page, the hacker will run thousands of dollars in ads for their own products or scams.
- Social Engineering: They message your friends. "Hey, I'm stuck at the airport, can you Venmo me $20?" It works because it's coming from you.
- Data Harvesting: Your private messages contain a treasure trove of info. Think about how many times you’ve messaged a photo of a document or a phone number to a family member.
I've seen business owners lose their entire livelihood because their personal account was the only admin on a Business Manager page with a $5,000 daily spend limit. The financial wreckage is real. Honestly, it’s devastating.
What to Do When Facebook is Hacked and the Support Team is Silent
Let's be real: Meta’s customer support is notoriously difficult to reach. There is no 1-800 number. There is no "Live Chat" for free users. You are essentially dealing with an algorithm.
If you are a Meta Verified subscriber (the paid blue check), you actually get access to human support. It’s frustrating that you have to pay for security, but if your account is vital for your business or contains irreplaceable memories, some people find it's worth paying for a month just to get a human on the line.
Another "pro tip" that actually works: if you have an Oculus/Meta Quest headset, their support team is often more responsive than the general Facebook team. Since the accounts are linked, Quest support can sometimes escalate account access issues that the standard automated forms can't handle. It's a weird workaround, but when you're desperate, you use whatever works.
Clearing the Malware
If you got hacked, how did it happen? If you didn't click a phishing link, there's a chance you have a "session hijacker" on your computer. This is a type of malware that steals your "browser cookies."
Basically, when you log into Facebook and click "Remember Me," your browser stores a small file called a cookie, which is what keeps you logged in. A hacker can steal that file and put it in their own browser. Now, the Facebook server thinks the hacker is you, and they don't even need your password to get in. Because the cookie stands for a session that has already passed the login and 2FA checks, this bypasses 2FA entirely.
Before you log back into your recovered account, run a deep scan with Malwarebytes or a similar reputable tool. If you don't clean the "infostealer" off your machine, the hacker will just jump right back in the moment you log in again. It's a revolving door.
Building the Fortress for Next Time
Once you get back in—and you likely will if you’re persistent—you need to change everything. Don't just change the password. Change the "Recovery Email" to an address you don't use for anything else.
The 2FA Trap
Stop using SMS (text message) for Two-Factor Authentication. It's vulnerable to "SIM swapping," where a hacker convinces your mobile carrier to move your number to their device. Use an app like Google Authenticator or Authy. Or better yet, buy a physical security key like a YubiKey. It’s a little USB stick you have to physically touch to log in. No hacker in Eastern Europe can touch a physical key in your pocket.
App Permissions
Go to your settings and look at "Apps and Websites." You'll likely see a list of dozens of games and quizzes you signed into five years ago. Every one of those is a potential backdoor. Revoke everything. Clean house. It's better to have to re-login to Spotify once than to leave a hole in your digital fence.
Specific Action Steps to Take Right Now
- Check HaveIBeenPwned.com: Enter your email to see which data breaches you were involved in. This tells you where your password leaked.
- Warn your circle: Post on other platforms (Instagram, LinkedIn, or just a group text) that your Facebook is compromised. Tell them NOT to click any links sent from your profile.
- Contact your bank: If you had a card on file for Facebook Ads or Marketplace, cancel it. Don't wait for the charges to appear.
- Download your data: Once you regain access, go to Settings > Your Information > Download Your Information. Keep a copy of your photos and contacts on an external hard drive. If the account ever gets permanently disabled, you won't lose your life's history.
- Check the "Login Activity": See exactly where the hacker was located. This info is in the "Security and Login" section. It won't help you catch them, but it confirms the breach is real and not just a technical glitch.
Recovery is a marathon, not a sprint. You might have to upload your ID three times. You might get frustrated and want to throw your laptop out the window. Keep going. The automated systems are designed to be "safe," which unfortunately means they are also incredibly rigid. But if you follow the official paths and keep your local devices clean, the odds of getting your digital life back are in your favor.