Follow-up since I informed/warned about the hack : I got my email account back! Proton acted very professionally and froze the account immediately after my report, so the hackers couldn't access the account anymore. Also, damage seems minimal, because Proton encrypts email content and attachments (so the hackers couldn't see email contents and attachments, only email addresses from/to and subject) and I didn't have any other accounts connected to this email. So what happened? Many people were quick to accuse me of clicking a phishing mail, having a weak password, having malware on my computer, or similar user slip-up (see comments). But that is not what happened. The hackers abused the password recovery process. As per proton: "the attackers seemed to have directly targeted your account and knew specific details about it, which they used to interact with customer support and gain access to it". What I could have done better was enabling 2FA. I do have 2FA on all social media and exchange accounts etc, but not on this email. This is an old 2019 email account that I had set up after I wrote S2F article and became active on Twitter (now X). I mainly used it to communicate with Twitter followers. This email account will inactive from now on.