Your data got compromised anyways: now what?

Cyber crime is rapidly increasing across the US, and every company is vulnerable. Whether or not you’re one of the 82% of SMBs with a response plan for handling data breaches, you should know that the first few hours after the attack are critical. Here’s what you can do if something does happen.

7 steps to containing the damage following a data breach 

So, there’s a security breach taking place in your system right now. What should you do about it? Here’s a quick 7 step plan. 

1. Stay calm

We get it – a security breach is terrifying. The problem is that panicking doesn’t solve anything. Now is the time for clear, rational, objective decision-making. It’s all about mitigating the damage and finding out who is responsible. 

2. Change your passwords and lock your accounts

Lock down all your social media accounts and change your passwords for everything, from your computer login screen to your email account. Don’t update your browser or third-party password management software with the new passwords until you’re sure the threat is contained. Otherwise, you risk hackers stealing the new passwords. 

3. Identify the threat and contain it 

The next step is identifying the threat. Think of it as a crime scene. You must do some problem-solving and piece together what happened. If you work with an MSP, get their assistance immediately. They are best placed to find breaches quickly and deal with them effectively. 

4. Alert your web hosting service 

It’s a good idea to tell your web host what’s happened so they can give you any relevant advice. If you don’t already work with an MSP, your web host can give you hints, tips, and strategies for dealing with a data breach. 

5. Tell your customers

You must warn your customers, vendors, employees, or other members of the public immediately if their data is at risk. This gives them the chance to change their passwords and account details and their current payment methods. Let them know what you’re doing to remedy the breach.

6. Debrief after the incident

It’s a good idea to reflect on what’s happened after the incident has been contained. Go over the breach in detail and consider what lessons you can learn from it. Make any necessary security tweaks and ask for specialist IT advice if you don’t have an MSP.

7. Educate your employees

Recent studies show that email accounts for 96%  of social-engineering-related breaches. Educate Educate employees on the dangers of, for example, clicking on attachments, sending confidential company data by email, and downloading unexpected files. 

What not to do 

Now that we’ve explained what you should be doing after a cyber attack, it’s worth highlighting what you shouldn’t do. 

First, don’t panic when your data gets compromised. If you panic, your reactions are impaired and you won’t act effectively. Remember, it doesn’t matter how careful you are. Data breaches can happen to anyone. 

Follow any disaster recovery plans you have in place – do not ignore them. These plans are there to help you. If your plan isn’t effective, you can revise it following the security incident. 

Most importantly, don’t conceal the incident from the people who should know about it. Covering up a cyber attack can seriously damage your reputation. At the very least, you must advise anyone whose data may have been compromised. 


US-based companies are the top target for cyber criminals hacking personal data. No matter how strong your cybersecurity is, they could come after you next. What matters is how you respond. For more advice on handling cyber crime, contact us today.