An hour ago I received a concerning text message from BT - my email provider for the last 25 years. It said your password has been changed. If this wasn’t you click here to login.
I was suspicious so logged in on another device. My password wasn’t accepted. I immediately opted for “Forgot my password”. After entering my email address I was advised to enter a code sent to my phone.
I entered it, entered a new password and it was accepted. I then received another text message advising my password had been changed and if this wasn’t you to login.
As it had been changed by me that was the end of the matter. Except how had someone got access to my password? I accept I hadn’t changed it for a while but surely it was still impossible to guess.
I suspect BT’s data may have been compromised. Has anyone else received a similar text from BT?
Unlikely it's been a breach. It's been standard industry practice for many years now that passwords are not stored as plain text but as a hash. Hashes can't be reverse engineered to the original password. When you enter your password a hash of your password is calculated and compared to the one on record. If they match, it lets you in.
How long was the password?
Unfortunately, what most people outside the industry regard as a "secure" password is really quite pathetic. Modern automated systems can break most people's passwords in minutes, if not seconds.
At the very least you need 17 truly random characters today and uppercase, lowercase, numbers and symbols. No words, even commonly made up words, as they can be found in an automated dictionary.
Also, I would check your email settings for any forwarding or rules that have been set by the intruder if I were you. Otherwise it may still be sending them a copy of your mail etc.
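Added example, not part of the reply above and not BT's code: a Python sketch of the store-a-hash-and-compare login check that reply describes, together with a generator for a 17-character random password using all four character classes. The function names, the PBKDF2-HMAC-SHA256 algorithm and the iteration count are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
import string

ITERATIONS = 600_000  # assumed work factor for PBKDF2-HMAC-SHA256
ALPHABET = string.ascii_letters + string.digits + string.punctuation


def generate_password(length=17):
    """Random password containing upper, lower, digit and symbol."""
    if length < 4:
        raise ValueError("length must allow one character from each class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if (any(c.isupper() for c in candidate)
                and any(c.islower() for c in candidate)
                and any(c.isdigit() for c in candidate)
                and any(c in string.punctuation for c in candidate)):
            return candidate


def make_record(password):
    """What the server keeps: a per-user salt and the hash, never the password."""
    salt = secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "iterations": ITERATIONS, "hash": digest}


def verify(password, record):
    """Recompute the hash from the login attempt; compare in constant time."""
    attempt = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"])
    return hmac.compare_digest(attempt, record["hash"])


if __name__ == "__main__":
    pw = generate_password()
    record = make_record(pw)
    print("stored hash:", record["hash"].hex())
    print("correct password accepted:", verify(pw, record))
    print("wrong password accepted:", verify(pw + "x", record))
```

The per-user salt means two accounts with the same password still get different stored hashes, so one precomputed table cannot be reused across accounts.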
Hi @RayP
I can see you've already had some great advice above, but I completely appreciate why you'll be feeling concerned about this.
I'd suggest getting in touch with our team directly, and they'll be able to double check whether this was an error or not, and work out the best next steps.
Linzi
Thank you both for your help. I’ve just got off the phone with BT and he confirmed my account hasn’t been compromised. No forwarding rules are present.
First time in 25 years I’ve had this issue. Fortunately good advice here has helped enormously. 👍
Great news @RayP, and thanks so much for letting us know.
Take care,
Linzi
I’ve received another text message from BT saying “It looks like someone tried to access your [emailaddress] without your permission.”
I’ve logged on and managed to enter a longer and hopefully more secure password.
But this is a different message to that on Monday. Could someone please explain what has happened? Do they know my password? I use email on two devices. A Windows 11 laptop and an iPad. I’ve bought and installed Malwarebytes and after running it nothing suspicious was found.
On my iPad I’ve installed Avast Security. Its SmartScan found no issues but it wants me to buy the package for better protection. For now I’m holding off because I know the rules about clicking on links in Mail.
This is concerning. Why is my account suddenly being attacked and potentially compromised?
@RayP Based on what you have said so far, it sounds like your email and old password were compromised and someone was able to change your password, but you have since regained control of the account by changing the password, and now the latest message is someone still trying, unsuccessfully now, to log in to your email.
How they would have got your original details it is not possible for us to say, but the most common methods would be those details being found in a data breach if you have used the same logins for other websites, or entering the login details on a phishing site. You can check if your email has been in a known data breach previously using Have I Been Pwned.
Right now though you have done everything right in securing your account by changing your password, checking no forwarding rules are in place, checking for viruses and it sounds like you have 2 factor authentication setup with your mobile number as well. All of which should help keep your account secure.
Most likely you already may know a lot of the information on here but we do have a help page for passwords and what to do if you are concerned here and a page on spotting phishing emails here.
Alex
Hello Alex. Since Monday my address now appears on Have I Been Pwned. Not much I can do about that but I have changed my password again and I also bought Malwarebytes for my Windows laptop. Running it resulted in nothing being found. That site reported 8 breaches the latest being April 2025.
On my iPad I installed Avast Security (free) and again, nothing was found.
I’m going to speak to BT tech people about my account being locked because of a failed attempt to login. If access wasn’t made why the need to lock the account?
I’m extremely careful about emails especially now. I have taken all precautions I can. I’ll report back after speaking to BT. Thanks for your reassurance.
One other thing. I download all emails to Microsoft Outlook 2010 and they’re then deleted off the Mail servers. I have no contacts stored on my email account. They’re all on my own computers.
So any breach would be ineffective as the hacker couldn’t send anything to my contacts.
One thing, Outlook 2010 has been EoL (End of Life) for ten years now and out of security support for five years.
I doubt if that is the source of the problem in this case, but updating Outlook would eliminate another potential problem if you are concerned about security going forward.