I think someone accessed my account without permission
Read this first if you suspect your account was accessed by someone other than you.
TL;DR — do these 3 things right now
Contact us immediately — email [email protected], use live chat, or call us. We'll review your account and help you lock it down.
If you can still sign in, reset your password right now at https://www.formationhub.com/member/forgot-password. Request a new password even if you still know your current one, so any password an attacker may have stops working.
Check your portal and your inbox for anything you don't recognize — filings, documents, payment methods, or profile changes — and tell us about it.
Then come back and read the rest of this article.
Signs of unauthorized access
Common indicators someone else has accessed your account:
Account indicators
You get a sign-in confirmation, password-reset, or order confirmation email you didn't trigger
Your password "doesn't work anymore" (someone may have changed it)
Your account email was changed and you didn't request it
Activity indicators
Documents you don't recognize in your portal
Filings you didn't request
Payment methods you didn't add
Profile changes (name, email, address you didn't make)
Communication preferences changed
External indicators
A bank flagged a charge from FormationHub you didn't authorize
You received a confirmation email for an order you didn't place
A state filing happened in your name without your knowledge
What to do (detailed steps)
Step 1: Secure access
Even if you can still sign in, act quickly:
Go to https://www.formationhub.com/member/forgot-password and request a password reset, even if your current password still works.
Set a new password you haven't used anywhere else.
Contact [email protected] (or live chat / phone) right away so we can look into what happened.
If you can't sign in because the password was changed:
Use "Forgot password" at https://www.formationhub.com/member/forgot-password — a reset link is sent to your account email.
If your email address on the account was also changed, contact us directly at [email protected]. Email changes on an account are handled by our support team (not self-serve), so we can verify your identity and update it for you.
Step 2: Notify us
Email [email protected] with:
Your account email
When you noticed something was wrong
What specifically looked suspicious (unexpected emails, unauthorized changes, unrecognized charges, etc.)
Whether you've already reset your password
A phone number we can reach you at
You'll typically hear back within about an hour. We'll look into your account's recent activity, help you regain exclusive control, and follow up with what we found.
Step 3: Audit your other accounts
Most account takeovers happen because of a reused or leaked password, not because of a FormationHub-specific security issue. They're usually because:
You reused the FormationHub password somewhere else, and that other site got breached
A phishing email tricked you into entering your credentials on a fake site
While the attacker had access to FormationHub, they may have also tried:
Your email account
Your bank accounts
Other business / productivity services using the same email + password
Action: change passwords on every important service that shares an email with your FormationHub account. Especially:
Your email (Gmail, Outlook, etc.)
Your bank / financial accounts
Government services (IRS account if you have one)
Other business services (QuickBooks, Stripe Dashboard, etc.)
Use a password manager going forward so each site has a unique password.
Step 4: Monitor your statements
For 30-90 days after the incident, monitor:
Credit card / bank statements for unauthorized charges
Payment receipts from FormationHub (if you see charges that aren't yours, report immediately)
Your business bank account for unauthorized transactions
Your email inbox for confirmations of services you didn't sign up for
If you see anything suspicious, report it to the relevant service AND to us.
Step 5: Consider a credit freeze
If the attacker accessed your SSN or other identifying info (e.g., from your BOI filing):
Freeze your credit at all three bureaus:
Equifax: 800-685-1111
Experian: 888-397-3742
TransUnion: 800-680-7289
Frozen credit prevents new accounts being opened in your name
You can temporarily lift the freeze when you need to apply for credit yourself
Free at all three bureaus.
What we do in response
When you report unauthorized access, we will:
Look into your account's recent activity for signs of unauthorized access
Help you regain exclusive control of your account
Identify unauthorized changes and help undo what we can (for example, reverting a profile change, or cancelling a filing that hasn't yet been submitted to the state)
Look into any charges you don't recognize — our standard refund policy applies to accidental or duplicate charges, and you can also dispute a charge directly with your card issuer
Follow up with you by email once we've looked into it
What we CAN'T undo
LLC filings that have already been accepted by the state — we can't reverse these on our end. Undoing a state filing generally means formally dissolving or amending the LLC with the state, which isn't a service we offer; you'd want to work with the state directly or consult an attorney.
EIN applications already processed by the IRS — we can't reverse these either. The IRS handles closing an EIN account; you can reach them at 800-829-4933.
Mail scans we delivered — these are already in your portal, but the attacker may have already viewed them
Funds the attacker withdrew via our payment processor (disputes via your card issuer)
Filing reports
For serious incidents:
FTC: https://reportfraud.ftc.gov — file a complaint, get a recovery plan
FBI IC3: https://www.ic3.gov — for cybercrime reporting (especially with financial loss)
State attorney general: many states have consumer protection offices for identity theft
Local police: file a police report for identity theft (some banks require this for fraud claims)
Preventing future incidents
After resolving this one:
✅ Use a password manager with unique passwords per site
✅ Don't reuse your FormationHub password anywhere else
✅ Enable 2FA on other important accounts that support it (email, banks, etc.)
✅ Use a recovery email that you control and have secured
✅ Be skeptical of email links — sign in directly via https://www.formationhub.com/member/login
Common questions
"Was FormationHub hacked?"
Account takeovers are typically due to credentials leaked elsewhere (other site breaches, phishing, malware) and reused to try logging into multiple services, rather than a problem with FormationHub's systems specifically. Contact us and we'll look into your account's activity and let you know what we find.
"Will my LLC be okay?"
Almost always yes. We can help address unauthorized changes within our system. State filings that have already been accepted by the state are harder to reverse — see "What we CAN'T undo" above.
"Can I sue someone for accessing my account?"
If it would help a law enforcement investigation, reach out to support and we'll see what account activity information we're able to share. Successful prosecution depends on jurisdiction and the attacker's location.
"Will you cover damages?"
We don't guarantee blanket damages coverage. If there are charges you don't recognize on your account, tell us and we'll look into it — our standard refund policy covers accidental or duplicate charges, and you can also dispute a charge directly with your card issuer. Reach out to [email protected] to talk through your specific situation.
"Should I close my account and start fresh?"
Usually not necessary. Resetting your password and securing your other accounts is sufficient for most incidents. If you want a fresh start anyway, see Closing your account.
Next steps right now
Reset your password: https://www.formationhub.com/member/forgot-password
Email [email protected] — or reach us by live chat or phone
Check your portal and inbox for anything you don't recognize
We treat unauthorized-access reports as a high priority — you'll typically hear back within about an hour.