If you suspect that someone has gained unauthorised access to your Customer Panel, please act as quickly as possible. The steps below will help you regain control of your account.

TABLE OF CONTENTS

• How to request account recovery
• Keeping your account secure
  • Quick Security Checklist

How to request account recovery

1. Visit the Account Recovery page and review the information to make sure you have the relevant documents prepared.
2. Complete the account recovery form, entering your details exactly as they appear in your account to ensure smooth processing.
3. Submit the form. A support ticket will be created automatically, and our team will follow up with you as soon as possible.

Ready to recover your account?  Submit the Account Recovery Form

Make sure to prepare the required identification documents before filling in the form.

⚠️ Please note that unauthorized account access is in the vast majority of cases the result of weak passwords, missing two-factor authentication, or malware on the customer’s own devices. This type of incident does not constitute a breach of Contabo’s systems or services.

Keeping your account secure

Once you have regained access to your account, or if you simply want to strengthen your account security, we strongly recommend taking the following steps.

1. Change your password

Change your Customer Panel password immediately to a strong, unique password or passphrase that you do not use on any other service via the Forgot Password button on the login screen of the Customer Panel.

What makes a strong password?

A strong password avoids dictionary words and personal information (names, birthdays, pet names). Good passwords combine random words, letters, numbers, and symbols to maximize entropy. 

2. Enable or reset two-factor authentication (2FA / MFA)

Two-factor authentication (2FA), also called multi-factor authentication (MFA) adds a critical second layer of security to your login.

If 2FA was not previously enabled

Enable it as soon as you have regained access to your account. This significantly reduces the risk of future unauthorised access.

If 2FA was already active at the time of the incident

Disable and fully re-enable 2FA (set it up again from scratch). This is important to protect against info-stealer malware attacks, which can capture existing authentication tokens. Regenerating 2FA invalidates any tokens that may have been stolen.

⚠️ Important: 2FA must currently be configured separately in both the old and the new Customer Panel. Setting it up in one control panel does not automatically configure it in the other.

For more information, see How do I change my 2-factor authentication settings?

3. Re-generate your API key

If you have generated an API key for your account, regenerate it immediately. An attacker who obtained your API key could use it to perform actions against your account without ever needing to log in to the Customer Panel directly.

4. Monitor your payment methods

If you have stored a credit/debit card or a PayPal email address in your account, take the following precautions:

• Monitor the payment method for any unauthorized transactions.

If you spot suspicious activity or want to be proactive, consider ordering a replacement card or updating your PayPal login credentials

5. Be aware of your exposed personal data

A compromised Customer Panel account may expose personal information stored there, including your full name, postal address, email address, and phone number. This information could potentially be used for identity fraud.

We recommend staying vigilant for phishing attempts or suspicious activity linked to your personal details, and reporting anything unusual to the relevant authorities.

Quick Security Checklist

• Change your Customer Panel password to a strong, unique passphrase
• Enable (or fully reset) 2FA in both the old and new Customer Panel
• Regenerate your API key if one was in use
• Monitor your stored payment method for unauthorised transactions
• Stay alert to identity fraud using your exposed personal data