Compromised Email Checklist

I am working from a trusted and updated device. I changed the email password to a unique and long password. I enabled MFA or passkey on the email account. I signed out unknown active sessions. I checked forwarding rules, filters and mailbox delegation. I revoked unrecognized app passwords, OAuth apps and third-party access. I verified recovery email, phone and recovery questions. I changed passwords on important accounts connected to this email. I warned contacts or team if suspicious emails were sent from my account. I am monitoring banking, marketplace and business accounts connected to it.