Technology & Security

What to Do if Your Business Has Been Hacked

  • 4 min Read
  • May 19, 2020

Author

Escalon Editorial Team

Table of Contents

Cybercrimes are extremely common. They exist in every country, every industry and every organization. The growing risk of a hack has far-reaching consequences, which go beyond the theft of funds and business-critical data. Cyberattacks affect not only the hacked business, but also its clients and other stakeholders.

And unfortunately, even with the best cybersecurity measures in place, businesses can find their privacy compromised. But how do you know that your business has been hacked? There are a number of warning signs to look for, such as a sudden spike in DNS traffic, machines suddenly crashing or running slowly, frequent and random popups, online passwords not working, unwanted software installations, unexpected browser toolbars and so on.

Once you have identified a hacking incident, here are four critical steps you can take to rectify the issue.

Contain the Damage




Make damage mitigation your top priority. Figure out immediately what steps can be taken with existing technology. This could include resetting passwords, running antivirus and anti-malware programs, locking down user accounts, setting all social media accounts to private mode and so on. These containment measures will ensure that the hacking will at least be stopped from causing further damage. Until you can determine how the hacker(s) got in, assume everything is vulnerable.

Get Help from Experts




Now is the time to start investigating what exactly happened and what data got breached. Whatever the nature of the hack, forensic examinations of your processes and systems are crucial in understanding any existing or potential weak points and securing against them. If you do not have an in-house IT person, hire a data security professional to investigate the vulnerability.

Laws regarding hacking and data breaches are changing constantly, and vary from state to state and industry to industry. For example, laws related to finance or health-related businesses are usually quite stringent. Contact a lawyer who specializes in internet law and cover as many types of intrusion as possible so your legal expert can give you well thought-out advice for each one.

Report the Breach to Necessary Parties




If the hack has led to a data breach where your customers’ information was potentially accessed, then it’s important to alert them immediately of what happened. This allows them to change their own passwords and freeze payment methods, if needed. You can also provide them with resources on best practices to protect themselves.

While there may not be a legal obligation for you to report any breaches or hacks, transparent reporting and responding will:

  • Allow you to mitigate further damage
  • Lower the chances of losing customer trust
  • Help other organizations know and understand current risks
  • Help you learn what needs to be done to prevent a repeat

Other parties might also need to be kept informed, including regulators, directors, vendors, employees and the media. Come up with a plan including messages for each group, ready to go at a moment’s notice.

Repair Damage, Rebuild to Prevent Future Attacks




After getting a handle on things, review and revise your recovery plan — don’t forget to test it thoroughly. Involve people from all levels of the organization, including the CEO. Ask your customers and vendors to be part of the planning process. Check with them and find out specifically what they’re doing to protect your data. This will give them the confidence to stick with you.

Prevention is always better than a cure. While you cannot guarantee that you won’t ever get hacked again, with a well thought-out and tested cyberattack response plan in place, you not only stand a better chance of fending off even the most damaging cyberattacks, you also limit the damage if a hack does occur.

Talk to our team today to learn how Escalon can help take your company to the next level.

  • Expertise you can trust

    Our team is made up of seasoned professionals who bring years of industry experience to the table. You gain a trusted advisor who understands your business inside out.

  • Quality and consistency

    Say goodbye to the hassles of hiring, training and managing in-house finance teams. You will never have to worry about unexpected leave of absence or retraining new employees.

  • Scalability and Flexibility

    Whether you’re a small business or a global powerhouse, our solutions scale with your needs. We eliminate inefficiencies, reduce costs and help you focus on growing your business.

Contact Us Today!

Tap into the latest insights from experts in your industry

Financial Operations

Stock-Based Compensation Expense: How to Record It Correctly

Stock-based compensation is one of the largest non-cash expenses on most startup income statements and one of the most consistently...

HR & People Operations

Global Payroll: How to Pay a Distributed Team Compliantly

A company with 15 employees in 9 countries used to be unusual. In 2026, it is a normal Series A....

Tax Operations

QSBS Tax Exemption: How Founders & Early Employees Save on Taxes

QSBS is one of the most valuable and most overlooked tax provisions in the US tax code. A founder who...

Financial Operations

ASC 606 Revenue Recognition for SaaS: A Practical Guide

Every SaaS finance team has had the same argument at some point: when do we actually recognize this revenue? A...

Financial Operations

Web3 Accounting: How Token & Crypto Treasuries Change the Books

A Web3 company’s books look familiar at the top level: revenue, expenses, payroll, cash. The complexity starts where the cash...

Financial Operations

Cash Runway: How to Calculate It and Extend It

Cash runway is the simplest and most consequential metric in startup finance. It is the answer to one question: how...

Financial Operations

Nonprofit Accounting Basics: Fund Accounting vs Standard Books

Nonprofit accounting looks similar to business accounting on the surface but answers an entirely different question. A business asks: are...

Financial Operations

SaaS Rule of 40 Explained: How Investors Read Your Numbers

Growth or profitability? For most SaaS founders, the answer used to be growth at all costs. That changed when capital...

Financial Operations

ARR vs MRR: What Each Metric Tells You and When to Use It

Every SaaS founder has been asked the same question by an investor: what is your ARR? And almost every founder...