Imagine this scenario: It’s early Saturday morning, you just woke up, and are trying to check the news on your phone while enjoying a cup of coffee. You notice your phone isn’t connected to the internet for some reason. You check the Starlink app for a system status, and it’s offline. Attempts to create a support ticket are unsuccessful, your Starlink account credentials aren’t being accepted. The bank calls a few moments later. They’ve frozen your credit card due to fraud. You listen, stunned, as they explain that someone has ordered over $6,000 worth of Starlink equipment in the last 24 hours.
No internet service, thousands of dollars stolen, and no help from Starlink. This is an increasingly common situation faced by Starlink customers. Hackers are gaining access to unsuspecting Starlink accounts, and using the payment information on file to order thousands in equipment. Later, they will resell the equipment on 3rd party marketplaces like Amazon, eBay, and Facebook Marketplace. In this article, I’ll explain what’s going on, how to protect yourself, and what Starlink needs to do to prevent more accounts from being hacked.
Table of Contents
Starlink accounts are easily compromised
The cause of most Starlink account hacks is leaked passwords from other online account breaches. It’s common for a person to use the same password for all their online accounts, from email, to banking, to services like Starlink. When hackers steal passwords in a data leak, they can take advantage of people who use the same password over and over again.
Once the hacker has an email address and password, it’s very easy to log in to a Starlink account and wreak havoc. Usually, they will change the email on the account first. Changing the email gives them complete control, and prevents the account owner from resetting the password or getting help from Starlink.
Since a payment method is already on file in the Starlink account, hackers proceed to order as much equipment as they can. They have the orders shipped to a different address, where they can take possession, and then resell the equipment to unsuspecting buyers on platforms like Amazon and eBay.
Starlink is terminating hacked accounts without notice
These hacks are affecting vulnerable customers at an increasing rate. Just check out the damage a hacker caused this person:
“My mother’s starlink account was recently hacked and the hacker tried to order a couple thousand dollars worth of equipment. Starlink caught most of it and disabled her account. After 3 weeks of back and forth with starlink support they sent an email stating our account is associated with fraud and being closed indefinitely. And now will only respond with generic responses. My mother is 67, never even so much as a parking ticket, never missed a bill payment, nothing. We live in a small rural community in wisconsin and starlink is our only viable internet option that isn’t crawling speed internet. Please help me blow this post of mine up on X(twitter), so maybe we can get our service back. We still want to use starlink and have been loyal customers since very early beta phase. PLEASE HELP.”
Reddit post by u/SolidChoice7856
Starlink monitors accounts for unusual activity, and sometimes they take action by terminating an account that displays fraudulent activity. Sounds reasonable, but the problem is that the account owners are left with no internet service, and no valid Starlink account to be able to contact customer support. You see, Starlink relies completely on an online ticket system to communicate with customers. They don’t have a phone number or email that victims can use to get help.
All of this is done behind the scenes, with no real explanation or advance notice provided to the account owner. This situation is becoming commonplace, with many victims waking up to a disabled Starlink dish, with no way to contact Starlink.
Hackers resell equipment on 3rd party platforms
Starlink account hacking is a profitable business. If a hacker can successfully order thousands of dollars in equipment, they are free to resell it on 3rd party platforms like Amazon, eBay, and Facebook Marketplace. It’s not just the expensive dishes that are being ordered. Common accessories like the Starlink Ethernet Adapter are often targets for hackers as well.
The stolen hardware is sometimes listed below MSRP so that unsuspecting shoppers think they are getting a deal. Unknown to the buyer, they are actually buying stolen goods that the seller needs to move quickly. If you browse Amazon or other online marketplaces, you are likely to see dozens and dozens of listings from 3rd party sellers. Starlink does not sell on platforms like Amazon or eBay. Hackers and scammers try to make buyers believe they are buying from Starlink, when in reality, they are buying used goods with a healthy profit margin built into the price.
Of course, not all 3rd party marketplace listings are for stolen goods. Real Starlink customers do sell their used equipment after it’s no longer needed. The majority of Starlink listings are legal (even if unethical), but buyers do face the real risk of purchasing stolen goods that were obtained by hacking a Starlink account.
What Starlink can do to fix the issue
The solution on Starlink’s end is pretty simple – implement two-factor authentication (2FA) for logins. 2FA will significantly reduce the chances of a hacker gaining access to a Starlink account. Even if they have the email and password, without access to the customers SMS service, they won’t be able to log in.
Starlink also needs to add a public phone number or email to their customer support department. Currently, only logged in subscribers can contact Starlink via their support ticket system. How are hacking victims supposed to contact Starlink for help, if their account has been hijacked?
Finally, Starlink needs to give customers the option of saving payment information to their account. Obviously, automatic billing can continue to function with a saved credit/debit card. But for new hardware/accessory orders, customers should be given the option of having to enter in payment details each time, or not.
What to do if your Starlink account is hacked
If you reading this because you are a victim of a Starlink account hack, here are some steps you should take right away:
Contact your bank
The first thing you need to do is contact your bank. Talk to the fraud department to determine the best course of action for your Starlink associated accounts moving forward. If a hacker has already ordered equipment from Starlink, the bank account will likely need to be cancelled to prevent further charges.
Attempt to recover your Starlink account
Try to regain access to your Starlink account by following these steps:
- Visit the Starlink account recovery page
- Select By Phone, enter the phone # associated with your Starlink account
- Follow the steps to reset your account email and password
If you can’t get any of the account recovery methods to work, visit this page. Fill out all the information, providing screenshots and other proof of hardware and account ownership. Someone from Starlink will reach out to help you reset your account. Once you are able to recover your account, contact Starlink to see what steps they recommend next.
Contact the authorities
In many cases, you’ll be able to see exactly where the hacker tried to ship the unauthorized orders. Provide this information to the local authorities. It is unlikely that your local police department will be able to do anything but file a report, but any information you can provide them helps.
Basic internet security tips and practices
The best way to protect your Starlink account is to practice basic internet security. Here are the things I recommend:
- Use a password manager. Google and Apple have their own password managers, or you can use popular options like Bitwarden
- Never use a password more than once. You shouldn’t use one common password for multiple online accounts. Use a password manager to create and store unique passwords for all online services
- Use two-factor authentication (2FA) when available
- Credit cards have easier fraud processes than debit cards. If possible, connect a credit card to your Starlink account instead of a debit card
- Never share your login credentials with anyone. Starlink will never ask for your login credentials
- Be careful when using public networks and computers. Avoid logging in to accounts when using a public computer or Wifi network. If you do, remember to log out of your account when finished
Final thoughts
I’ve noticed more and more reports of Starlink account hacks in various online Starlink communities, like the Starlink subreddit on Reddit. I’m hopeful that this article will help bring the issue to Starlink’s attention. There are several things they can do to improve account security, like implementing 2FA.
Until Starlink takes action, every customer needs to be proactive about the security of their account. Use unique passwords created by a password manager. Never give out your login details. And regularly monitor your bank activity to catch fraud early.
My name is Tanya Moon… My husband and I have had 13k in fraud committed against us out of our business debit card ( I’m assuming our debit info was stolen off dark web.) to buy Starlink equipment. We are NOT Starlink customers.
The issue is we’re dealing with the bank but they’re saying businesses aren’t protected the way regular consumers are and that we may not get our money back if they can’t get it back from Starlink! Doesn’t sound right! How can my husband and I get ahold of Starlink?
Use the link near the end of the article. It takes you to a Starlink Typeform page, where you can fill out the form and provide your contact info to Starlink. Explain the situation, submit the form, and hopefully someone from Starlink can help you out. I would also be trying to escalate this at your bank. Explain that Starlink can’t be contacted easily. I’m not sure about all the details about business vs consumer protections, but at the very least, someone at the bank needs to understand that you can’t just call Starlink for them to help out.
Seems the simple solution is for Starlink to simply not allow an established account to suddenly purchase thousands of dollars in new equipment. If this is a recurring issue then why isn’t Starlink already doing something about it? Seems fairly obvious and easy to do. Starlink is shirking responsibility here. Then, when it is established that the equipment was fraudulently obtained, why not simply disable all of the dishes and modems? Who needs multiple dishes, modems and other accessories? If anything, put a hold on such an order and check if any account profile information has recently changed, contacting customer at both new and prior email/phone if necessary to verify.
For such a high tech company, they have lots of capability at their finger tips. It’s actually pretty silly that this is even a thing if you think about it.
I thought the dishes would only work at the service location at the original time of purchase?
After purchasing a dish, hackers can cancel the plan and release the hardware from the account, allowing it to be activated by anyone else with the hardware identifier.
This article seems like a desperate attempt to smear starlink to hurt Musk. Most starlink customers are in rural areas where ‘hackers’ are unlikely to travel. I know many starlink customers in Eastern Canada and I’ve heard only praise for the service. Perhaps this article is scripted by a competitor?
Hackers gain access by logging in to Starlink accounts from anywhere in the world. They don’t need to be at the physical location of the account holder.
Agreed. And the simple fact that Starlink does NOT use MFA? Like so many other websites these days? Is insane.
When I read this today the first thing I did was go in and change my PW…which I noticed you have to ask for a “I forgot my password” and then get an email.
Which is like the only time they email you about changes.
Once I changed my PW (I use a PW app Keeper) I didnt even get an email from Starlink that my password changed!
So….In reply to the original poster Mike?
If your login ID and pw is comprised? It’s simple as heck to login to Starlink account, change the phone number & email on your the account without any notifications or such from Starlink stating “you recently changed your email, or phone”.
Which many many companies do when you modify settings in your account.
Once the email and/or phone number is changed, you can ask to reset the PW from the Starlink site and WHAM….they are in and you are out.
The fact I was able to change my phone number and my password with no update notification from Starlink about that change, tells you right there how weak their security is.
((PS- FYI? I’m a Sr Systems Engineer in IT – for +20yrs. Cyber Sec/Hacking/Stealing people’s info is huge — please protect yourself.))
I am the O.P. of the reddit post you quoted in this article. An update, starlink has now fixed the problem and unblocked her service. Starlink support DM’ed me after I posted, and I had them prove they are actually starlink and not another scammer. They then reopened my support ticket and next day it was fixed. I spent 3 weeks back and forth in a support ticket before they blocked her and 2 days after my reddit post, it was fixed. 😀
Glad they saw the story and helped out. Thanks for the update!
Nice Brandon. Sorry your Mom and you went though all that craziness. Turning on two-factor authentication for your and your mom’s email would prohibit scammers from using her email credentials. I am glad I turned mine on a year ago. I get these 2 digit codes all the time from attempts to reset my email password. If not for 2FA I’d be a victim for sure.
This happened to my buddy, I immediately went to my starlink account and change the payment method to a privacy.com card with a $150/mon limit (I already had one for Tesla SC due to this being an issue there as well). HIGHLY reccomend
It’s pretty obvious that Starlink isn’t really setup to be a proper ISP yet, as with all of (unnamed person)’s companies these are the kind of details that are left by the wayside in the name of “disruption” and “rapid iteration”. The individual means little when you have a church full of followers blaming the victim when they have a bad experience.
How do I make my Starlink Wi-Fi secure?
Don’t use the default unsecured Starlink Wi-Fi, set your own network name and password.
I’m trying to change my password and I’m not given the option to do that! I looked all around…
So I got to where I could change my password, but now my Starlink is disconnected!!! What do I do?!? Everything was fine until I read this article.
Your Starlink isn’t disconnected, it just says that in the app because you’ve changed your password, and need to log back in to the app to see your Starlink’s again.
Go to the password reset page and type in your email address:
https://auth.starlink.com/forgot-password
Starlink should also require re-entry of payment information if an account email address is changed.
It also helps to have a separate card for such transactions such as Monzo, Starling, or any other but keep the card with minimal or no cash-only transfer to effect a transaction. Have your Starlink account hold those payment details instead of your main card details.
I think they have done something. I logged in today and I have been looking at buying Gen3 and creating a mesh and waiting for the Gen-3 to go on sale and the https://shop.starlink.com/ page is blank. I have tried 3 different browsers.
I’m browsing the shop right now from a desktop browser. Everything seems normal on my end.
Very odd! I can see nothing. Maybe because I have been browsing regularly to see if the Gen3 is out. Otherwise I have no idea. I started having a blank page this AM.
Just started working again. Never mind