So You Have Been Hacked, Now What?

Here are a few of the first steps businesses should take if their systems are compromised.  

Learn More
< Back to Insights

Have you been breached? Contact our 24/7 Cyber Breach Hotline: 800-561-6889

Insights  <  So You Have Been Hacked, Now What?

Here are a few of the first steps businesses should take if their systems are compromised.  

In a previous article, we outlined a few steps businesses can take to avoid a potential cyber attack (which can be viewed by clicking here). While those proactive actions will certainly leave your company better prepared, business owners must remember that even if they’ve done all of the right things, they still very well may fall victim to a data breach.   

That’s why, in addition to taking the preventative steps to avoid a hack, it’s equally important for businesses to develop a reactive plan to respond to a hack.   

Here are a few of the first steps businesses should take if their systems are compromised.  


Once you’ve identified that there is a cyber event taking place, it’s time to quickly move on to containing it. Make sure you change all of your passwords; take “infected” devices off your organization’s network; and quickly clear any corrupted files off your servers. In the case of large-scale data breaches, companies may go so far as to shut down their network entirely, and bring their servers back online in an orderly and sequential order.  


Once the cyber event has been contained, the next step businesses need to take after a breach is to determine:

  1. how the hackers got in
  2. Which information assets were exposed
  3. What’s still at risk

Business owners will need to work with their IT department or cybersecurity consultants to answer all of these questions as quickly as possible.  

Cyber Risk Management 101


Depending on your industry, there may be specific laws and compliance regulations businesses must follow should they experience a breach. It’s important to work with your cybersecurity consultants and legal team to ensure you are complying in a timely, accurate manner from both a state and federal perspective. In addition to fulfilling any legally required reporting obligations, businesses should report the breach to their local authorities.  

Communicate (Externally)

In the case of a data breach, maintaining transparency with your customer base isn’t just a good business practice; it’s the law. You’ll need to send written notifications to every customer explaining to them exactly what the problem is, when the problem occurred, and what you’re doing to solve it.  

Communicate (Internally)

Let’s say you fall victim to a data breach, and the culprit was – as it often is – human error. Maybe an employee fell for a phishing scam and clicked on an insecure link. Maybe somebody entered a secure password while using an insecure Internet connection.  

Mistakes happen. 

 We, of course, are not recommending singling out any employee who made a simple mistake, but, if you fall victim to a data breach that could have been avoided, you should clearly communicate to your staff how the hackers “got in” so that your employees learn to identify similar attacks in the future.  

Finally, Recover and Prepare for the Next One

Obviously, as a business owner, you would hope something like this would never happen again. But it might. That’s why it’s absolutely crucial to have a regularly updated, in-depth incident response plan in place at all times. 

 blumshapiro’s expert cybersecurity team can help you design and implement an incident response plan, in addition to offering a wide range of other services that will enhance the security posture of your organization, manage security risks and ensure compliance with industry standards and regulations 

Continue the Conversation

blumshapiro Outsourced Cyber Security Services

Learn More Today

Continue the Conversation with Our Team
Get in touch with us.

Contact Us