Next Steps if Your MaidCentral Account was Compromised

New
  • 2 minute(s) read
Prev Next

Acting quickly is crucial if you believe your MaidCentral account has been compromised. Unauthorized access can lead to data loss, privacy breaches, or misuse of business tools. Follow the steps below to secure your environment and minimize risk.

Step 1: Update Your Windows Operating System

Make sure your Windows system is fully updated. Outdated systems are vulnerable to known security flaws that attackers can exploit.

To update Windows:

  1. Open the Start Menu and go to Settings.

  2. Click Windows Update.

  3. Select Check for updates.

  4. Install all available updates and restart your computer if prompted.

Keeping your system up-to-date ensures you have the latest security patches and protection.

Step 2: Run a Full Antivirus Scan

Malicious software or keyloggers may have been used to compromise your credentials. Use a reputable antivirus tool to run a full system scan.

Recommended steps:

  • Windows Users: Use Microsoft Defender (built into Windows) or another trusted antivirus product.

  • Mac Users: Run Gatekeeper and or Xprotect (these should be included on your Mac)

  • Perform a full system scan, not just a quick scan.

  • Quarantine or remove any detected threats.

  • Restart your computer after the scan is complete.

Important: Do not log into MaidCentral or change your passwords until the antivirus scan confirms your device is clean.

Step 3: Refresh API Keys in MaidCentral

If the compromised account has access to third-party integrations, it's critical to renew and refresh your API keys to prevent continued access by unauthorized users through these platforms.

To refresh your API keys:

  1. Log in to MaidCentral with an administrator account.

  2. Go to Company > General.

  3. Navigate to the Integrations tab.

  4. Locate the active API keys and revoke or regenerate them.

    1. You may have to log into the portal of your different API’s to regenerate the keys

    2. The API keys we recommend regenerating are included below

      1. Credit Card Processor (Stripe / Authorize / Paystri)

      2. Twillio

      3. SendGrid, if you have your own account

      4. Ensure there are no new or unknown API users under the APU users section in MaidCental

  5. Update your API keys inside Maidcentral

The above steps ensure that any integrations tied to compromised credentials are resecured.

Step 4: Reset MaidCentral Password

It is critical to do this step last, after you have resecured your computer.

To reset your Maidcentral password, use the “Reset Password” link on the login page of your instance, as seen below. An email will be sent to the designated email, allowing you to reset your password

Here are some pointers on setting up a strong password!

  • At least 12 characters (the longer, the better)

  • Uppercase letters (A–Z)

  • Lowercase letters (a–z)

  • Numbers (0–9)

  • Special characters (e.g., ! @ # $ % ^ & * ( ) _ +)

  • No personal information (e.g., names, birthdays, addresses)

  • Avoid common words or patterns (e.g., "password", "123456", "qwerty")

  • Use passphrases (a string of random or unrelated words is often stronger and easier to remember)

  • Do not reuse passwords across accounts (each password should be unique)

  • Use a password manager (to generate and store complex passwords safely)

Additional Recommendations

  • Enable two-factor authentication (2FA) for your account if available.

  • Audit recent activity in MaidCentral for unauthorized changes.

  • Inform your team and have them follow the same security procedures if applicable.

Need Help?

If you are unable to complete these steps or suspect deeper compromise, please contact MaidCentral support immediately. Our team is here to help.
📧 Open a ticket here

💬 Live Chat (available in-app through the MaidCentral widget on the bottom left corner)