If you believe someone has gained unauthorized access to your Contractor Accelerator account, email account, QuickBooks account, or another connected system, follow the steps below immediately.
Quick Action Checklist
☐ Contact Contractor Accelerator ( Support@contractoraccelerator.com or call 877-374-3588 )
☐ Request all users reset their email password (before sending CA reset links)
☐ Review active users and remove anyone who should not have access
☐ Request all users reset CA password
☐ Change passwords for other business systems
☐ Disconnect and reconnect CA integrations after changing passwords
☐ Consider notifying affected customers
☐ Consider reporting the incident to law enforcement or the FBI
Step 1: Contact Contractor Accelerator
Contact Contractor Accelerator Support as soon as possible and let us know what happened.
Our team can review available account history and help guide you through the recovery process.
Support@contractoraccelerator.com or call 877-374-3588
Step 2: Secure Your Contractor Accelerator Users
Reset Email Passwords First
If a user's email account may have been compromised, have them reset their email password before sending a Contractor Accelerator password reset link.
If an attacker still has access to the user's email inbox, they could use the password reset email to access Contractor Accelerator.
Review Active Users
While in the Users section, verify:
- All active users should still have access
- Former employees have been removed or disabled
- No unfamiliar users appear in the list
- User permissions are still appropriate
If anything looks suspicious, contact Contractor Accelerator Support.
Send Contractor Accelerator Password Reset Links
After email passwords have been secured:
- Go to Company Profile
- Click Users
- Click the three-dot menu next to each active user
- Click Send Access Link
Advise all users to watch for the email and complete their password reset immediately.
Step 3: Change Passwords for Other Connected Systems
If an attacker gained access to your email account or computer, they may also have access to other connected systems.
Consider changing passwords for:
- Email accounts (Gmail, Microsoft 365, etc.)
- Google Calendar
- QuickBooks Online
- Banking and payment systems
- Any other business software used by your company
Important: Watch for Keyloggers
If you suspect your computer may be infected with malware or keylogging software, changing passwords from the same device may not fully secure your accounts.
For added protection, consider changing passwords from a different trusted device, such as:
- A mobile phone
- A tablet
- Another trusted computer
You can also consider running antivirus and malware scans on affected devices.
Step 4: Reconnect Your Integrations
After changing passwords, you may need to disconnect and reconnect integrations within Contractor Accelerator.
Google Calendar
- Inside CA, go to your Personal User Profile (not Company Profile)
- Click Integrations
- Disconnect the Google Calendar integration
- Sign in to your Google account
- Open Google Account Settings
- Select Security
- Scroll to Third-Party Apps & Services
- Locate Contractor Accelerator
- Remove Contractor Accelerator's access if it is still showing
- Return to Contractor Accelerator
- Reconnect your Google Calendar integration using your updated credentials
Removing Contractor Accelerator from Google helps ensure the previous connection has been fully released before reconnecting.
QuickBooks Online
- Go to Company Profile
- Click Accounting
- Click Disconnect
- Wait a few minutes and refresh the page
- Reconnect QuickBooks Online using your updated credentials
Step 5: Notify Affected Customers
Depending on the situation, notifying affected customers may be appropriate. Primary users can export a list.
Export a Customer List
- Open the Customer Table
- If needed, use the filters within the search bar to narrow the list to a specific group of customers who may be affected customers
- Click Export in the upper-right corner
- Use the exported list for customer communications
If only a specific group of customers may have been affected, use filters before exporting to narrow the list.
Severe Incidents
In severe situations, Contractor Accelerator can temporarily disable access to your account until you are ready to resume operations.
Contact Support if you believe this may be necessary.
Step 6: Consider Reporting the Incident
Depending on the nature of the incident, you may wish to:
- Contact local law enforcement
- File a report with the FBI Internet Crime Complaint Center (IC3)
- Contact your attorney regarding notification requirements
- Notify your cyber insurance provider
Every situation is different, so consider what is appropriate for your business and the information involved.
Contractor Accelerator Security Safeguards
Contractor Accelerator includes several safeguards designed to help protect customer information.
- Access to Contractor Accelerator requires valid user credentials and appropriate permissions.
- Only Primary Users can export customer lists.
- Contractor Accelerator does not store customer credit card information.
- Payment information is handled by secure payment processing partners.
- Customer portals are accessed through unique, secure links.
- If a security concern is reported, Contractor Accelerator can review available account history and assist with the recovery process.
For additional information about Contractor Accelerator's security practices, visit:
https://contractoraccelerator.com/security
Comments
0 comments
Article is closed for comments.