If your system has been hacked

If you’ve been hacked, you should follow your response plan to alert the right members of staff, take actions to stop the attack, and reduce the damage.

This may involve:

  • disconnecting from the internet
  • disabling remote access
  • installing any pending security updates or patches
  • changing passwords
  • maintenance work on your firewall

Document the attack and the steps you took to fix it. You’ll need these records if you need to report the attack, for example under GDPR.

Find out what happened

Investigate the hack to understand the extent of it. Do not delete any files as this could make the situation worse.

If you have a website hacker protection service, the monitoring service should give you an early warning that you’ve been attacked.

Taking down your website

If your website is badly attacked, you may decide to take it down in the short term.

If you do not already have a back-up plan in place, ask your hosting provider to back up your website data.

You can use external website hack cleaning services to scan, diagnose and fix your website.

> Next section: Reporting the attack

> Back to contents list

Cybersecurity news digest

Stay up to date with all things cyber with our weekly cybersecurity and GDPR newsletter.

Recommended

professional development centre
GDPR for managers: an introduction

New online course, GDPR for managers featuring downloadable checklists and valuable resources from the Law Society and ICO.

GDPR for managers: an introduction > More