Cloulflare Account Hacked

Hello,

My cloudflare account got hacked and the site was redirecting to porn site. Want to know how this can happen that the A record got updated on its own without anyne changing from our side.

Need a quick detail on the same.

Thanks

Check your audit log to see who made the changes.
https://dash.cloudflare.com/?to=/:account/audit-log

If it was using your login, your email/password were leaked from elsewhere, guessed or otherwise discovered.

Ensure to fully resecure your account:

  • change the password
  • set up 2FA
  • change your global API key and any tokens; look for newly created tokens
1 Like

I am not able to setuo 2FA, as it ask to verify email & I am not recieving any mail for the same.

I have submitted an escalation request to see if your email may have found itself on the suppression list. That can happen sometimes if emails were bouncing.

1 Like

someone may know your password

Your email address bounced at some point, and ended up in a suppression list on our side.

Please make sure you allow all emails from [email protected] to prevent any issue.

I’ve now cleared your email address from this list, you will now receive the emails as expected.

2 Likes