What to Do When Your Kid's Account Gets Hacked

Your child comes to you with wide eyes: “I can’t log into my Roblox account. It says my email doesn’t exist.” Or your phone buzzes with a notification from Epic Games that your kid’s account just logged in from a city you’ve never been to. That sick feeling is real—but panic is your enemy here. Account recovery has a time window. The faster you move through the right steps, the better your odds of recovering the account before the attacker changes the recovery email, transfers the valuable items, or sells the account entirely. This guide gives you the exact sequence, without the guesswork.

Key Takeaways

• The first 60 minutes are critical—attackers typically change recovery emails within minutes of gaining access
• Go directly to the platform’s official website by typing the URL yourself; never use links from emails or messages
• If the recovery email was already changed, platform account recovery forms (not customer service chat) are your fastest path
• Screenshot everything before making changes—documentation is essential for both recovery and fraud reporting
• After recovery, a password manager and authenticator-based 2FA close the door on future attacks

Step 1: Confirm What Has Actually Happened (First 5 Minutes)

Before taking any action, quickly establish what kind of account event occurred. Not every login notification or “wrong password” message means a hack. Distinguish:

• Forgotten password: Your child forgot the password. Solution: use the account’s official “Forgot Password” flow.
• Account locked: Too many failed login attempts triggered a temporary lockout. Wait 15–30 minutes and try again, or use account recovery.
• Suspicious login notification: You received an email saying someone logged in from an unusual location. This is a warning, not necessarily a full takeover—act immediately.
• Full account takeover: Your child genuinely cannot log in, the recovery email doesn’t work, and there’s evidence someone else has access (posts they didn’t make, items missing, friends receiving messages).

Only a full account takeover requires emergency action. The others can be handled calmly.

Step 2: Document Before You Change Anything (Minutes 5–10)

Take screenshots of:

• The error message your child receives when trying to log in
• Any email notifications from the platform about suspicious activity, login from new device, or email/password change
• Any evidence of unauthorized activity (posts, purchases, messages your child didn’t send)
• The current state of the account if you can still access it (friend list, inventory, balance)

This documentation is required for platform dispute forms and any law enforcement reports. Once you start the recovery process, the account state will change.

Step 3: Attempt Standard Account Recovery (Minutes 10–20)

Go directly to the platform’s website. Type the URL yourself—do not click any link in an email, even one that looks like it came from the platform. Phishing emails mimicking “account recovery” notifications are extremely common.

Use the “Forgot Password” or “Sign In Issues” flow. The platform will attempt to send a verification code to the recovery email or phone number on file.

If this works: Reset the password to something new and unique (use a password manager to generate it). Immediately proceed to Step 5 (securing the recovered account).

If this fails (the recovery email or phone was already changed by the attacker): Proceed to Step 4.

Step 4: Use Platform-Specific Emergency Recovery (Minutes 20–45)

Each major platform has an escalated recovery process for compromised accounts. These require more verification but can recover accounts even when the recovery email was changed.

Roblox

Go to roblox.com/support and select “Account Hacked.” Roblox will ask for:

• Original email address used to create the account
• Username
• Date of birth on the account
• Any previous usernames
• Details of any purchases (Robux purchase amounts, dates)

Having the original purchase receipts in your email (search for “Roblox” in your inbox) significantly speeds this process. Roblox support typically responds within 24–72 hours.

Epic Games / Fortnite

Go to epicgames.com/help and choose “Account Compromised.” Epic’s process includes:

• Original email
• Epic account ID (if known)
• Purchase history details
• Platform connection details (which console or PC was linked)

For accounts with significant history or purchases, Epic’s Trust & Safety team typically prioritizes recovery.

Microsoft / Minecraft

Go to account.microsoft.com/account/recover. Microsoft’s account recovery is one of the most robust—it includes an automated verification process using past activity, trusted contacts, and purchase history. You can also call Microsoft support (1-800-642-7676) and request account recovery for a minor’s account.

Google (YouTube Gaming, etc.)

Go to accounts.google.com/signin/recovery. Google’s Account Recovery asks verification questions based on account history: when the account was created, recent searches, associated accounts. If the child’s Google account is associated with a parent’s Google Family account, the parent can assist through the Family Link management console.

Platform Account Recovery Summary

Platform	Recovery Portal	Typical Response Time	Documentation Needed
Roblox	roblox.com/support	24–72 hours	Original email, purchase history
Epic/Fortnite	epicgames.com/help	24–72 hours	Email, purchase records
Microsoft/Minecraft	account.microsoft.com/recover	Automated + 24 hours	Purchase history, activity
Google	accounts.google.com/signin/recovery	Automated	Account creation details
PlayStation	playstation.com/support	24–48 hours	PSN ID, console serial
Steam	help.steampowered.com	1–3 days	CD keys, purchase history
Nintendo	accounts.nintendo.com	3–5 days	Account email, purchase history

Step 5: Secure the Recovered Account (Once You Have Access)

The moment you regain access, move through these steps in order—don’t stop to look around the account first.

1. Change the password immediately to a new, unique, randomly generated password via a password manager. Do not reuse any previous password.
2. Change the recovery email to a parent-controlled email address that uses its own unique, strong password.
3. Remove any phone numbers added by the attacker. Add a parent-controlled phone number only if required.
4. Enable two-factor authentication using an authenticator app (Google Authenticator, Authy, or Microsoft Authenticator). Do not use SMS if an authenticator app is available.
5. Review and revoke all active sessions. Log out of all devices. This terminates any session the attacker may still have open.
6. Review connected third-party apps. Remove any connections you don’t recognize.
7. Check for and reverse unauthorized changes. Look for new friends added, messages sent, purchases made, or items transferred. Contact the platform to report and potentially reverse unauthorized transactions.

Step 6: Assess the Damage and Report

Financial Damage

Check any credit card or PayPal account linked to the gaming account for unauthorized charges. Contact your bank or card issuer immediately to dispute charges made without authorization. Most financial institutions have 60-day dispute windows, and many credit card fraud protections are robust.

Report to Law Enforcement

For significant financial loss or if personal information was exposed:

• FBI’s IC3 at ic3.gov (for US-based incidents)
• FTC at reportfraud.ftc.gov
• Your local police department (request a case number, which you’ll need for insurance claims and some platform disputes)

If the attacker made contact with your child (attempted grooming, solicited personal information, sent inappropriate content), also report to NCMEC at cybertipline.org.

Document for the Platform’s Dispute System

File a formal complaint through the platform’s dispute system. Include:

• Your police or IC3 report number if you have one
• Transaction IDs for any unauthorized purchases
• Screenshots of all unauthorized activity
• The timeline of events

Step 7: Talk to Your Child About What Happened (After the Crisis Is Resolved)

The conversation after an account compromise matters. Children often feel shame or fear punishment, which makes them less likely to report future incidents promptly—which is exactly when fast reporting matters most.

Focus on:

• What happened, not who is to blame. “A criminal tricked you” is accurate. “You were careless” is counterproductive.
• What you’re going to do differently together. The password manager, the 2FA setup, the new rule about links from online friends.
• The explicit reassurance that they can always tell you. “Even if you click something you shouldn’t have, telling me immediately is always the right move. Nothing is worse if you tell me early.”

What to Watch For Over 3 Months

• Month 1: After recovering the account, monitor it daily for the first two weeks. Set up login notifications if available. Look for any repeat unauthorized access attempts.
• Month 2: Audit all other accounts that used the same password as the compromised account. Change every one of them to a unique password via the password manager.
• Month 3: Review what information the attacker may have gathered during their access. If the account had personal information (real name, school, address), discuss with your child whether any of that was visible and who might now have it.

Frequently Asked Questions

Is it possible to recover items or currency stolen during a hack?

It depends on the platform and the circumstances. Roblox, Epic Games, and Steam all have processes for reporting and potentially recovering stolen in-game items or currency, but they’re not guaranteed. The faster you report, the better the odds. Document all missing items with screenshots before the platform investigates.

What if the attacker used my child’s account to harass other players?

Contact the platform’s Trust & Safety team and explain that the account was compromised. Provide documentation (police report, the recovery timeline). Most platforms are experienced with this situation and will take the account’s compromise status into account when evaluating reported behavior. Having documentation of the hack before the harassment occurred is important.

Can I sue the platform if they didn’t protect my child’s account adequately?

Platform terms of service typically limit liability significantly. However, if a platform had a data breach that exposed your child’s credentials, you may have rights under applicable state or federal data breach laws. The FTC has taken action against platforms with inadequate security practices. Consult an attorney specializing in digital privacy for specific guidance.

My child is embarrassed and doesn’t want me to involve law enforcement. What should I do?

Reporting is your decision as the parent, not your child’s—especially if financial fraud occurred. Explain that the report helps law enforcement track patterns and potentially stop the criminals from doing this to other families. The child’s identity will not be publicly disclosed in most cybercrime reports.

---

About the author

Ricky Flores is the founder of HiWave Makers and an electrical engineer with 15+ years of experience building consumer technology at Apple, Samsung, and Texas Instruments. He writes about how kids learn to build, think, and create in a tech-saturated world. Read more at hiwavemakers.com.

---

Sources

1. FBI Internet Crime Complaint Center (IC3). Filing a Complaint. ic3.gov. https://www.ic3.gov/complaint
2. Federal Trade Commission. What to Do Right Away After Identity Theft. consumer.ftc.gov. https://consumer.ftc.gov/articles/what-do-right-away-after-identity-theft
3. Cybersecurity and Infrastructure Security Agency (CISA). Account Security Best Practices. cisa.gov. https://www.cisa.gov/secure-our-world
4. National Center for Missing and Exploited Children (NCMEC). CyberTipline. missingkids.org. https://www.missingkids.org/gethelpnow/cybertipline
5. National Institute of Standards and Technology (NIST). NIST SP 800-63B: Digital Identity Guidelines. pages.nist.gov. https://pages.nist.gov/800-63-3/sp800-63b.html
6. Epic Games. Account Compromised — Help Center. epicgames.com. https://www.epicgames.com/help/en-US/epic-accounts-c5719348850459/account-security-c5719366891291
7. Microsoft Support. Recover a Hacked or Compromised Microsoft Account. support.microsoft.com. https://support.microsoft.com/en-us/account-billing/recover-a-hacked-or-compromised-microsoft-account-188edd56-8432-460f-8069-c1d91773f719