If your system has been hacked
If you’ve been hacked, you should follow your response plan to alert the right members of staff, take actions to stop the attack, and reduce the damage.
This may involve:
- disconnecting from the internet
- disabling remote access
- installing any pending security updates or patches
- changing passwords
- maintenance work on your firewall
Document the attack and the steps you took to fix it. You’ll need these records if you need to report the attack, for example under GDPR.
Find out what happened
Investigate the hack to understand the extent of it. Do not delete any files as this could make the situation worse.
If you have a website hacker protection service, the monitoring service should give you an early warning that you’ve been attacked.
Taking down your website
If your website is badly attacked, you may decide to take it down in the short term.
If you do not already have a back-up plan in place, ask your hosting provider to back up your website data.
You can use external website hack cleaning services to scan, diagnose and fix your website.
> Next section: Reporting the attack
> Back to contents list