Skip to main content

I think someone accessed my account without permission

Read this first if you suspect your account was accessed by someone other than you.

I think someone accessed my account without permission

Read this first if you suspect your account was accessed by someone other than you.

TL;DR — do these 3 things right now

  1. Contact us immediately — email [email protected], use live chat, or call us. We'll review your account and help you lock it down.

  2. If you can still sign in, reset your password right now at https://www.formationhub.com/member/forgot-password. Request a new password even if you still know your current one, so any password an attacker may have stops working.

  3. Check your portal and your inbox for anything you don't recognize — filings, documents, payment methods, or profile changes — and tell us about it.

Then come back and read the rest of this article.

Signs of unauthorized access

Common indicators someone else has accessed your account:

Account indicators

  • You get a sign-in confirmation, password-reset, or order confirmation email you didn't trigger

  • Your password "doesn't work anymore" (someone may have changed it)

  • Your account email was changed and you didn't request it

Activity indicators

  • Documents you don't recognize in your portal

  • Filings you didn't request

  • Payment methods you didn't add

  • Profile changes (name, email, address you didn't make)

  • Communication preferences changed

External indicators

  • A bank flagged a charge from FormationHub you didn't authorize

  • You received a confirmation email for an order you didn't place

  • A state filing happened in your name without your knowledge

What to do (detailed steps)

Step 1: Secure access

Even if you can still sign in, act quickly:

  1. Go to https://www.formationhub.com/member/forgot-password and request a password reset, even if your current password still works.

  2. Set a new password you haven't used anywhere else.

  3. Contact [email protected] (or live chat / phone) right away so we can look into what happened.

If you can't sign in because the password was changed:

  • Use "Forgot password" at https://www.formationhub.com/member/forgot-password — a reset link is sent to your account email.

  • If your email address on the account was also changed, contact us directly at [email protected]. Email changes on an account are handled by our support team (not self-serve), so we can verify your identity and update it for you.

Step 2: Notify us

Email [email protected] with:

  • Your account email

  • When you noticed something was wrong

  • What specifically looked suspicious (unexpected emails, unauthorized changes, unrecognized charges, etc.)

  • Whether you've already reset your password

  • A phone number we can reach you at

You'll typically hear back within about an hour. We'll look into your account's recent activity, help you regain exclusive control, and follow up with what we found.

Step 3: Audit your other accounts

Most account takeovers happen because of a reused or leaked password, not because of a FormationHub-specific security issue. They're usually because:

  • You reused the FormationHub password somewhere else, and that other site got breached

  • A phishing email tricked you into entering your credentials on a fake site

While the attacker had access to FormationHub, they may have also tried:

  • Your email account

  • Your bank accounts

  • Other business / productivity services using the same email + password

Action: change passwords on every important service that shares an email with your FormationHub account. Especially:

  • Your email (Gmail, Outlook, etc.)

  • Your bank / financial accounts

  • Government services (IRS account if you have one)

  • Other business services (QuickBooks, Stripe Dashboard, etc.)

Use a password manager going forward so each site has a unique password.

Step 4: Monitor your statements

For 30-90 days after the incident, monitor:

  • Credit card / bank statements for unauthorized charges

  • Payment receipts from FormationHub (if you see charges that aren't yours, report immediately)

  • Your business bank account for unauthorized transactions

  • Your email inbox for confirmations of services you didn't sign up for

If you see anything suspicious, report it to the relevant service AND to us.

Step 5: Consider a credit freeze

If the attacker accessed your SSN or other identifying info (e.g., from your BOI filing):

  • Freeze your credit at all three bureaus:

  • Equifax: 800-685-1111

  • Experian: 888-397-3742

  • TransUnion: 800-680-7289

  • Frozen credit prevents new accounts being opened in your name

  • You can temporarily lift the freeze when you need to apply for credit yourself

Free at all three bureaus.

What we do in response

When you report unauthorized access, we will:

  • Look into your account's recent activity for signs of unauthorized access

  • Help you regain exclusive control of your account

  • Identify unauthorized changes and help undo what we can (for example, reverting a profile change, or cancelling a filing that hasn't yet been submitted to the state)

  • Look into any charges you don't recognize — our standard refund policy applies to accidental or duplicate charges, and you can also dispute a charge directly with your card issuer

  • Follow up with you by email once we've looked into it

What we CAN'T undo

  • LLC filings that have already been accepted by the state — we can't reverse these on our end. Undoing a state filing generally means formally dissolving or amending the LLC with the state, which isn't a service we offer; you'd want to work with the state directly or consult an attorney.

  • EIN applications already processed by the IRS — we can't reverse these either. The IRS handles closing an EIN account; you can reach them at 800-829-4933.

  • Mail scans we delivered — these are already in your portal, but the attacker may have already viewed them

  • Funds the attacker withdrew via our payment processor (disputes via your card issuer)

Filing reports

For serious incidents:

  • FTC: https://reportfraud.ftc.gov — file a complaint, get a recovery plan

  • FBI IC3: https://www.ic3.gov — for cybercrime reporting (especially with financial loss)

  • State attorney general: many states have consumer protection offices for identity theft

  • Local police: file a police report for identity theft (some banks require this for fraud claims)

Preventing future incidents

After resolving this one:

  • ✅ Use a password manager with unique passwords per site

  • ✅ Don't reuse your FormationHub password anywhere else

  • ✅ Enable 2FA on other important accounts that support it (email, banks, etc.)

  • ✅ Use a recovery email that you control and have secured

  • ✅ Be skeptical of email links — sign in directly via https://www.formationhub.com/member/login

Common questions

"Was FormationHub hacked?"

Account takeovers are typically due to credentials leaked elsewhere (other site breaches, phishing, malware) and reused to try logging into multiple services, rather than a problem with FormationHub's systems specifically. Contact us and we'll look into your account's activity and let you know what we find.

"Will my LLC be okay?"

Almost always yes. We can help address unauthorized changes within our system. State filings that have already been accepted by the state are harder to reverse — see "What we CAN'T undo" above.

"Can I sue someone for accessing my account?"

If it would help a law enforcement investigation, reach out to support and we'll see what account activity information we're able to share. Successful prosecution depends on jurisdiction and the attacker's location.

"Will you cover damages?"

We don't guarantee blanket damages coverage. If there are charges you don't recognize on your account, tell us and we'll look into it — our standard refund policy covers accidental or duplicate charges, and you can also dispute a charge directly with your card issuer. Reach out to [email protected] to talk through your specific situation.

"Should I close my account and start fresh?"

Usually not necessary. Resetting your password and securing your other accounts is sufficient for most incidents. If you want a fresh start anyway, see Closing your account.

Next steps right now

  1. Email [email protected] — or reach us by live chat or phone

  2. Check your portal and inbox for anything you don't recognize

We treat unauthorized-access reports as a high priority — you'll typically hear back within about an hour.

Did this answer your question?