What to do after a cyber-attack
This guide explains how to:
- limit damage to systems and data
- comply with regulations
If personal data is lost, you’ll need to know what to do under the UK General Data Protection Regulation (GDPR).
You may need to tell the Solicitors Regulation Authority, and your clients if their data is affected.
You should know what to expect from your professional indemnity insurance and cyber insurance.
Be aware of what client information you can give to your insurers. You should also know what you can tell your clients and other parties about your insurers.
More information and guidance
Read our guides on:
The NCSC has guidance on how to respond and recover after an online scam or cyber-attack.
This includes guidance for small businesses on recovering from a cyber incident.
The UK government also has a tool to help you work out where to report a cyber incident.