My site has been hacked, and I got an email showing me that the password and email associated with my website have been changed. What do I do to recover my website?
I didn’t click anything on the emails, and just tried logging into my site, but my password has been changed and the only way to change my password is to confirm by email. Not sure how to proceed.
Call the hosting company
They changed the password only to wp-admin?
The first couple options will not work for you but the others may.
If you site has been hacked. you may want to consider taking the site offline so that the impact is contained as much as possible.
It sounds like you have access to cPanel. If yes, you can restrict access by using IP Deny Manager and limiting access to your website.
Once you’ve restricted access, you’ll want to start looking into the potential changes that may have occurred to your site.
Does your site hold/store any personally identifiable information e.g. customer/user details?
If yes, you may want to look into the impact the hack may have on both you and them. Depending on where you are there may be legislations/regulations re: breaches.
If you aren’t sure what you are doing, consider reaching out to a professional.