Someone hacked my account

Hello Webflow Support,

One of my client’s Webflow accounts has been hacked. The attacker set up 2FA authentication, changed the password, and attempted to change the email address, though they haven’t been able to do so yet.

I am currently unable to log in to the account. When I try to reset the password using the “Forgot Password” option, the reset process works, but it then asks for the 2FA code. Since I didn’t set up 2FA myself, I do not have access to the 2FA code.

Can anyone please assist me in resolving this issue as soon as possible? There are multiple sites associated with this account, and all my websites are at risk.

Thank you for your help.

Hi Subir-

1 Like

Thank you so much! Michael, We’ve successfully regained access to the account.

2 Likes

I am having the same problem…I need to have the 2FA turned off. I think I have been hacked??? I can’t log in.

I’ve never heard of any WF accounts getting hacked, but I suppose it’s a possibility. That account recovery link is where you need to go next.

Yah I did that but haven’t heard back. It has been 4 hours.

I’d expect 24 - 48 hours, but you might get lucky.
Keep in mind that the support desk gets a lot of requests, and that account access requests require special handling for security.

Trying to figure out how you might have enabled 2FA without knowing it. Is it possible you’re using a Google OAuth login and have enabled 2FA there? If so you should be able to login to Webflow using that same email in the standard email+password login and do a password recovery.

1 Like

Thank you. I honest to god don’t remember enabling the 2FA. I suppose I could search that app.