(08) 9325 1196

Why Reinstalling Windows Won’t Fix a Hijacked Account

System got hacked & reinstated Windows, but attackers stayed logged in. Learn why fresh installs don't fix hijacked accounts and the 6-step process to secure your accounts: sign out of all devices, reset passwords, and re-register

IT Support Perth Team
4 June 2026
5 min read
CyberSecurity
ITSupportPerth
SmallBusinessIT
Microsoft365
PerthBusiness

Someone called us this week after losing control of multiple accounts — email, social media, and cloud services. They had already wiped and reinstalled Windows, expecting that to solve the issue.

It didn’t.

The attacker was still logged in.

The Common Misconception

Many people assume a “fresh install” removes a hacker. That’s only true if the threat is local (like malware on your PC).

But most modern account takeovers happen in the cloud — not on your device.

Once someone gains access to your account, they often:

  • Stay logged in on their own device

  • Add recovery methods (emails, phone numbers)

  • Register their own MFA or bypass yours

  • Connect third-party apps or sessions

So even if your computer is clean, your accounts are still compromised.

What Actually Fixes a Hijacked Account

To properly secure your accounts, you need to take control at the account level — not just the device.

Here’s the process we recommend:

  1. Sign out of all active sessions
    Most platforms allow you to log out of every device. This immediately cuts off the attacker.

  2. Reset passwords (properly)
    Use strong, unique passwords for every account. Avoid reusing old ones.

  3. Reconfigure MFA (Multi-Factor Authentication)
    Turn it off, then re-enable it from scratch. This ensures no unknown devices are still linked.

  4. Review connected apps and permissions
    Remove anything unfamiliar or unnecessary.

  5. Check recovery details
    Make sure only your email and phone number are listed.

  6. Only then — reinstall or clean your device
    This step is last, not first.

The Real Risk: One Click

In many cases, these attacks start with a single click:

  • A phishing email

  • A fake login page

  • A malicious link sent via social media

That’s all it takes.

Practical Takeaway for Small Businesses

If you or your team rely on Microsoft 365, social media, or cloud platforms daily, account security is business security.

A compromised account can mean:

  • Lost client trust

  • Data exposure

  • Business interruption

And it often happens quietly.

A Simple Check You Can Do Today

Go into your main business accounts and:

  • Review active sessions

  • Check MFA status

  • Look at connected apps

You might be surprised what’s still connected.

If this sounds like your current setup, I’m happy to help you tighten it up.

What’s the biggest IT or security scare your business has had recently?

IT Support Perth Team
4 June 2026
5 min read
CyberSecurity
ITSupportPerth
SmallBusinessIT
Microsoft365
PerthBusiness

Stay Updated with IT Insights

Get the latest cybersecurity tips and technology insights delivered to your inbox

Related Articles

Why Upgrade to Business Standard?

5 min read

How to Detect and Block Risky AI Agents Using Microsoft Conditional Access (CA)

Learn how Perth SMBs can detect high-risk AI agent identities with Microsoft Entra ID Protection and block them automatically using Conditional Access policies—before they compromise your data.

5 min read

Cloud Migration Checklist: Essential Steps For Transition

5 min read

Need Expert IT Support?

Get personalized advice from our Perth IT experts. Free consultation available.

Get Free ConsultationCall (08) 9325 1196
Related Content

Continue Reading

Explore more insights and expert advice on IT support, cybersecurity, and digital transformation

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.
CyberSecurity
ITSupportPerth

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.

Most small business owners believe end-to-end encryption means their messages are completely private. A recent FBI case proves that assumption is dangerously incomplete.

5 min read
4/15/2026
third‑party vendor risk and data‑sharing security for SMBs
CyberSecurity
ITSupportPerth

third‑party vendor risk and data‑sharing security for SMBs

Over 100,000 sensitive parliamentary emails were handed to a private company that had already been hacked—turning a routine data transfer into a major cybersecurity incident. Discover how third‑party vendor risk affects Perth SMBs and learn practical steps to protect your business when sharing data with contractors.

5 min read
4/10/2026
When a Fired Employee Walks Away with 200GB: A Perth SMB's Insider Threat Wake-Up Call
ITSupportPerth
CyberSecurity

When a Fired Employee Walks Away with 200GB: A Perth SMB's Insider Threat Wake-Up Call

Discover how a Perth SMB lost 200GB of sensitive SharePoint data to a fired employee due to missing DLP controls. ITsupportperth.net.au shares the real story, rapid Microsoft Purview fix, and prevention tips for small businesses. Free audit available.

5 min read
3/20/2026