If your Kindle account is hacked, the first steps are to change your Amazon password immediately, review your account for unauthorized activity, and secure your registered devices. Acting quickly can prevent attackers from purchasing unauthorized content, accessing your personal library, or using your payment methods. Unlike social media accounts, a compromised Kindle account puts your payment information and digital content at risk, making swift action critical. A hacked Kindle account is more serious than many users realize.
In 2023, Amazon reported that compromised accounts were frequently used to purchase expensive e-books and audiobooks before victims noticed, with some cases involving thousands of dollars in fraudulent charges. One user discovered that their account had been used to purchase over 150 e-books in Russian and Chinese languages while they slept, only catching it when their credit card was declined on their own purchase the next morning. The extent of damage depends on how quickly you respond. If you act within hours, you can prevent most financial loss and regain control. If weeks pass before discovery, attackers may have accessed your library, modified account settings, changed recovery information, or made purchases across multiple Kindle devices registered to your account.
Table of Contents
- How Can You Tell If Your Kindle Account Has Been Compromised?
- Immediate Actions to Secure Your Compromised Account
- Remove Unauthorized Devices and Payment Methods
- Review and Reclaim Your Digital Library
- Contact Amazon Customer Service and File Fraud Reports
- Check for Other Compromised Accounts and Service Breaches
- Preventing Future Kindle Account Compromise
- Conclusion
- Frequently Asked Questions
How Can You Tell If Your Kindle Account Has Been Compromised?
signs of a hacked Kindle account include unfamiliar e-books or audiobooks appearing in your library, unexpected charges on your payment method, strange device registrations you don’t recognize, or emails from Amazon confirming purchases you didn’t make. Many victims first notice something wrong when their credit card is declined—not because of insufficient funds, but because the card’s fraud detection system flagged unusual activity. Others see notifications that new devices have been registered to their account, even though they haven’t purchased any new hardware. check your Amazon order history for unfamiliar purchases.
Log in to your account on a computer (not your Kindle device, which might still be compromised), click “Returns & Orders,” and scroll through recent activity. Compare this against your payment method’s transaction history. Some attackers are subtle and only purchase a few items to avoid triggering fraud alerts, while others go on spending sprees. In one documented case, a hacker registered twelve Kindle devices to a stolen account over the course of a month, each time resetting the account’s recovery information to lock out the legitimate owner.

Immediate Actions to Secure Your Compromised Account
Your first action should be changing your Amazon password from a secure device—preferably a computer that you’re certain hasn’t been compromised. Do not change your password using your Kindle device itself, as malware on that device could intercept the new password. Use a strong password with at least 16 characters, mixing uppercase and lowercase letters, numbers, and symbols. Avoid reusing passwords across different accounts, as credential stuffing attacks often work because people use the same login information everywhere. After changing your password, enable two-factor authentication (2FA) on your Amazon account. This adds a second layer of security beyond the password.
When 2FA is enabled, anyone attempting to log in from an unrecognized device must provide a one-time code sent to your phone or authentication app. This is essential because many people who have their passwords compromised don’t realize they’ve been breached until days or weeks later. With 2FA in place, even if an attacker has your password, they can’t access your account without physically stealing your phone or compromising your phone number with a carrier account takeover. One limitation of 2FA is that if you lose access to your phone number or authentication app, you may be locked out of your own account. Amazon provides backup codes for this reason—write them down and store them securely, separate from your password. Keep these codes offline and in a physical safe or safe deposit box, not in a cloud storage service like Dropbox or Google Drive.
Remove Unauthorized Devices and Payment Methods
Log into your Amazon account and navigate to the “Devices and content” section. Review every device registered to your account and remove any that you don’t recognize or haven’t used recently. Hackers often register Fire tablets, Kindle e-readers, or smartphones to a compromised account to purchase content that will be automatically delivered to those devices. By removing unauthorized devices, you prevent the attacker from accessing your library remotely.
Next, check your “Payment methods” settings and remove any credit cards or payment sources that were added without your authorization. Some attackers link their own payment method to a stolen account to purchase content that gets delivered to their devices. Others add payment methods as a backup plan, in case the original cardholder disputes charges. Additionally, check your “Gift card balance” to see if any gift cards have been added to the account. In one case, a hacker purchased $2,000 in Amazon gift cards using a stolen account’s payment method, then immediately spent the balance on high-value Kindle content before disappearing.

Review and Reclaim Your Digital Library
After removing unauthorized devices and payment methods, your next task is reclaiming your digital library. Some Kindle users are horrified to discover that their library has been cluttered with thousands of books in foreign languages or adult content they never purchased. While you can’t physically delete these from Amazon’s server, you can make them invisible on your personal Kindle devices and account by using the “Remove from device” and “Delete from your library” functions. This removes the item from appearing on your devices and hides it from your library view. However, understand that “deleting from your library” in the Kindle app or on your device does not necessarily refund the purchase or remove it from your order history.
It simply removes it from view. To get a refund for fraudulent purchases, you’ll need to contact Amazon customer service. Amazon’s policy is generally forgiving for obvious fraud cases—unauthorized purchases in countries you’ve never visited, books in languages you don’t speak, or purchases made in rapid succession. Amazon has also been known to refund entire accounts if dozens of unauthorized purchases are verified. The comparison is stark: a single disputed purchase might require more back-and-forth with customer service than needed, but if you can document that your account was clearly hacked (such as 20+ purchases in 24 hours), Amazon often issues refunds without extensive investigation.
Contact Amazon Customer Service and File Fraud Reports
Reach out to Amazon customer service to report the account compromise. You can initiate a chat session through your account settings or call Amazon’s phone number. When you contact them, have your order history printed or visible, be ready to list the specific fraudulent charges, and describe when you first noticed unusual activity. Amazon takes account security seriously and will investigate claims of fraud, but they need specific information to verify your claim. File a dispute with your credit card company or bank if fraudulent charges were made. Your financial institution will open a fraud investigation and may issue a provisional credit while they investigate.
Typically, you’ll receive temporary credit within one to three days, with a final determination within 60 days. One important limitation: if you wait too long to report fraud—usually more than 60 days—your bank may not be able to reverse the charges. One victim who discovered unauthorized Kindle purchases three months after they occurred found that their bank would not reverse the charges because the reporting window had passed. Mark your calendar immediately upon discovering fraud. Additionally, file a report with the Federal Trade Commission at IdentityTheft.gov. This creates an official record of the fraud and provides you with an Identity Theft Report that you can share with creditors if necessary. If the hacker used your account to make purchases from external vendors (such as buying gift cards or linking third-party accounts), document these as well.

Check for Other Compromised Accounts and Service Breaches
A Kindle account hack is often a symptom of broader account compromise. If your Amazon password was compromised, there’s a chance other accounts using the same password or similar password variations were also compromised. Use a free tool like HaveIBeenPwned.com to check if your email address appears in known data breaches.
This site aggregates publicly disclosed breaches and can tell you which services’ databases your information may have been found in. If your email was in a breach, change passwords for all high-value accounts—bank, email provider, PayPal, healthcare portals. Treat your email account as a master key; if a hacker gains access to your email, they can reset passwords for any other service that uses that email address. Change your email password first, then systematically update other accounts.
Preventing Future Kindle Account Compromise
Going forward, use unique, strong passwords for your Amazon account and never reuse passwords across services. Consider using a password manager like Bitwarden, 1Password, or KeePass to generate and securely store complex passwords. Keep your devices updated with the latest security patches, as many account compromises begin with malware installed through outdated software with known vulnerabilities. Enable automatic updates on your phones, tablets, and computers.
The threat landscape for Kindle accounts is evolving. As e-readers become more integrated into Amazon’s ecosystem and more valuable targets, attackers are increasingly focusing on compromising accounts rather than individual devices. Using two-factor authentication remains the single most effective defense against account takeover, despite its inconvenience. In 2025, Amazon added the option to use passkeys (biometric authentication) instead of passwords for some users, offering stronger protection than traditional 2FA. If your account is eligible, enabling passkey authentication provides defense against phishing attacks and weak passwords.
Conclusion
A hacked Kindle account requires immediate action: change your password, enable two-factor authentication, remove unauthorized devices and payment methods, and contact Amazon customer service. The faster you respond, the less financial and personal damage will occur.
Most victims who act within 24 hours of discovery can recover their accounts and receive refunds for fraudulent purchases with minimal hassle. After securing your account, treat it as a warning sign to audit all your other online accounts, change passwords for high-value services, and implement stronger security practices across your digital life. The good news is that with strong passwords, two-factor authentication, and vigilant account monitoring, a Kindle account hack is highly preventable.
Frequently Asked Questions
Will Amazon refund fraudulent Kindle purchases?
Yes, in most cases. Amazon will refund clearly fraudulent purchases, especially if they involve books in languages you don’t speak, content purchased in countries you’ve never visited, or rapid-fire purchases in a short timeframe. Contact customer service with your order history to begin the refund process.
Can I get the hacker’s information from Amazon?
No. Amazon does not provide personal information about fraudulent accounts to individual users. However, if you’re concerned about identity theft or ongoing fraud, you can file a police report and provide Amazon’s information to law enforcement, who may obtain additional details through legal processes.
Should I delete my Kindle account entirely?
Deleting your account should be a last resort. In most cases, securing your account with a strong password and two-factor authentication is sufficient. Deleting your account will remove access to any purchased e-books, though you’ll retain the right to re-download them if you recreate your account later. If you decide to delete, contact Amazon customer service for assistance.
How long does it take to regain full control of a hacked account?
If you act immediately and there’s no identity theft involved, you can regain control within hours. The fraud investigation with your bank may take up to 60 days, but your account access should be restored much faster—usually within 24 hours of changing your password and contacting Amazon.
What if my Kindle device won’t connect after I change my password?
After changing your password, your Kindle device may need to be deregistered and re-registered. Go to “Manage Your Content and Devices” on Amazon’s website, deregister the device, then re-register it on the device itself using your new password. If the device still won’t connect, contact Amazon’s device support team.
