My PS is recently hacked. The hacker changed my admin password and the Paypal module credentials. The payments of a few orders went to his account.
Luckily, my customers know me and they opened a dispute with Paypal.
What me concerned is that I changed my passwords, deactivated the other administrator accounts and changed the admin URL, but the hacked was still able to enter the admin environment and changed the Paypal credentials again. He also added a new employee with admin rights.
I shut down the webshop, but will be back as soon as possible. What can I do to avoid that this hacker enters my admin again? Is an authenticator app safe enough?