Do I need to worry about my Pages if only my profile was hacked?

Yes. Because your profile is the login behind your Pages and ad accounts, an attacker with your profile may have added themselves to those assets. After recovering your profile, audit People, Partners, and System Users on every Page and portfolio.

My ad account was charged for ads I didn't run. What now?

Treat that as a portfolio compromise too: pause ads, lock payment methods, and contact your bank. The dedicated steps are on the portfolio recovery page.

How long until I'm back in?

If recovery succeeds with standard signals it can be quick. When Meta runs an identity review, expect a wait of days — there is no fast-track.

Recovery

Recover a Hacked Facebook Profile

Hacked and locked out of your personal Facebook account? Start at facebook.com/hacked, get your account back, then secure every Page and ad asset behind it.

Your personal Facebook account sits behind every Page and Business Portfolio you manage — there is no separate business login. So if your profile is hacked, recovering the profile comes first. Until you control your personal account again, anything you change can be undone, and your Pages and ad accounts stay exposed. Work it in order: profile first, then the assets.

If your situation is actually …

Your Business Portfolio is being drained by fraudulent ads → Recover a hacked Business Portfolio →
You are blocked by two-factor authentication, not a hack → Recover after a two-factor lockout →

Recover a hacked Facebook profile

Stage 1 · Stabilize

Stop the attacker's access

Go to facebook.com/hacked and follow the guided recovery for a compromised account.
This is Meta's official flow for accounts taken over by someone else.
Where: facebook.com/hacked
If you can still log in, change your password immediately and log out of all other sessions.
Ending active sessions cuts the attacker off mid-attack.
Where: Facebook → Settings → Security and login

Stage 2 · Diagnose

See what the attacker changed

Review where you are logged in and recent login activity for unfamiliar devices and locations.
Where: Facebook → Settings → Security and login
Check whether your recovery email, phone, or password were changed; Facebook can often reverse a recent email change during recovery.

Stage 3 · Reclaim

Take back the account

Reset your password to something new and unique, and set recovery email and phone to ones only you control.
Where: Facebook → Settings → Security and login
If asked, complete identity verification — Meta may require it and run a short review before fully restoring access.
The hacked-account flow includes identity checks and a review period.

Stage 4 · Harden

Secure the account and its assets

Turn on two-factor authentication, preferably with an authenticator app rather than SMS.
Most takeovers rely on reused passwords or intercepted SMS.
Where: Facebook → Settings → Security and login
Once your profile is safe, audit every Page and Business Portfolio you manage — check People, Partners, and System Users for anyone the attacker added.
Where: Meta Business Suite → Business settings

If this flow does not restore access: How to contact Meta support for access problems →

Frequently asked questions

Often yes. During the facebook.com/hacked flow, Meta can let you reverse a recent email change and may send confirmation to your original email. Identity verification is usually part of this when the standard signals are missing.

Delvia

Access issues are easier to prevent when roles, owners, and responsibilities are recorded clearly

Most access problems trace back to the same gap — no clear record of who has access, what role they hold, and what should happen when that changes. Delvia helps you keep that record so problems are visible before they become incidents.

Delvia is free on iPhone and Android. Keep a clear record of who has access to your accounts — and what to do when that changes — wherever you are.

Download on theApp Store GET IT ONGoogle Play