Why Reinstalling Windows Won’t Fix a Hijacked Account

System got hacked & reinstated Windows, but attackers stayed logged in. Learn why fresh installs don't fix hijacked accounts and the 6-step process to secure your accounts: sign out of all devices, reset passwords, and re-register

Garry BloomGarry Bloom · Founder & Senior IT Manager
4 June 2026
5 min read
CyberSecurity
ITSupportPerth
SmallBusinessIT
Microsoft365
PerthBusiness

Someone called us this week after losing control of multiple accounts — email, social media, and cloud services. They had already wiped and reinstalled Windows, expecting that to solve the issue.

It didn’t.

The attacker was still logged in.

The Common Misconception

Many people assume a “fresh install” removes a hacker. That’s only true if the threat is local (like malware on your PC).

But most modern account takeovers happen in the cloud — not on your device.

Once someone gains access to your account, they often:

  • Stay logged in on their own device

  • Add recovery methods (emails, phone numbers)

  • Register their own MFA or bypass yours

  • Connect third-party apps or sessions

So even if your computer is clean, your accounts are still compromised.

What Actually Fixes a Hijacked Account

To properly secure your accounts, you need to take control at the account level — not just the device.

Here’s the process we recommend:

  1. Sign out of all active sessions
    Most platforms allow you to log out of every device. This immediately cuts off the attacker.

  2. Reset passwords (properly)
    Use strong, unique passwords for every account. Avoid reusing old ones.

  3. Reconfigure MFA (Multi-Factor Authentication)
    Turn it off, then re-enable it from scratch. This ensures no unknown devices are still linked.

  4. Review connected apps and permissions
    Remove anything unfamiliar or unnecessary.

  5. Check recovery details
    Make sure only your email and phone number are listed.

  6. Only then — reinstall or clean your device
    This step is last, not first.

The Real Risk: One Click

In many cases, these attacks start with a single click:

  • A phishing email

  • A fake login page

  • A malicious link sent via social media

That’s all it takes.

Practical Takeaway for Small Businesses

If you or your team rely on Microsoft 365, social media, or cloud platforms daily, account security is business security.

A compromised account can mean:

  • Lost client trust

  • Data exposure

  • Business interruption

And it often happens quietly.

A Simple Check You Can Do Today

Go into your main business accounts and:

  • Review active sessions

  • Check MFA status

  • Look at connected apps

You might be surprised what’s still connected.

If this sounds like your current setup, I’m happy to help you tighten it up.

What’s the biggest IT or security scare your business has had recently?

Garry Bloom
Written by
Garry Bloom
Founder & Senior IT Manager · 25+ years in IT

Garry founded Computer Mechanics — the business behind IT Support Perth — in 1997. With more than 25 years in IT management and support across internal and external service environments, he leads the team's technical direction and its cybersecurity and managed-IT strategy for Perth businesses.

Meet the IT Support Perth team →
Garry Bloom
4 June 2026
5 min read
CyberSecurity
ITSupportPerth
SmallBusinessIT
Microsoft365
PerthBusiness

Stay Updated with IT Insights

Get the latest cybersecurity tips and technology insights delivered to your inbox

Related Articles

4 IT Gaps Small Businesses Overlook (and How to Close Them)

Most Perth businesses aren't undone by one huge disaster — it's the small IT gaps that stack up: missing MFA, delayed patching, old access nobody removed, and untested backups. Here's how teams under 50 users can close them. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

How to Safely Offboard an Employee (and Protect Your Company Data)

When a staff member leaves, their access is a security risk until it's properly closed off. A practical Perth-business checklist for offboarding an employee without losing data or leaving a door open. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

5 Signs Your Business Has Outgrown Your Current IT Guy

One trusted 'IT guy' works — until it doesn't. Here are five clear signs a Perth business has outgrown break-fix IT and needs a proper managed IT team. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

Need Expert IT Support?

Get personalized advice from our Perth IT experts. Free consultation available.

Related Content

Continue Reading

Explore more insights and expert advice on IT support, cybersecurity, and digital transformation

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.
CyberSecurity
ITSupportPerth

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.

Most small business owners believe end-to-end encryption means their messages are completely private. A recent FBI case proves that assumption is dangerously incomplete.

5 min read
4/15/2026
third‑party vendor risk and data‑sharing security for SMBs
CyberSecurity
ITSupportPerth

third‑party vendor risk and data‑sharing security for SMBs

Over 100,000 sensitive parliamentary emails were handed to a private company that had already been hacked—turning a routine data transfer into a major cybersecurity incident. Discover how third‑party vendor risk affects Perth SMBs and learn practical steps to protect your business when sharing data with contractors.

5 min read
4/10/2026
Why Perth SMBs Are Ditching On-Prem Email and Migrating to Microsoft 365
Microsoft365
ExchangeOnline

Why Perth SMBs Are Ditching On-Prem Email and Migrating to Microsoft 365

Discover why Perth SMBs are ditching on-prem Exchange for Exchange Online. Learn how Microsoft 365 delivers reliability, security & BYOD control.

5 min read
4/9/2026