{"id":55544,"date":"2026-01-08T16:09:04","date_gmt":"2026-01-08T15:09:04","guid":{"rendered":"https:\/\/www.itaf.eu\/?p=55544"},"modified":"2026-01-08T16:09:04","modified_gmt":"2026-01-08T15:09:04","slug":"what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses","status":"publish","type":"post","link":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/","title":{"rendered":"What to Do If You\u2019ve Been Hacked  &#8211; A Practical Checklist for Businesses"},"content":{"rendered":"<p><span data-contrast=\"auto\">A cyber incident is stressful, and it\u2019s very serious. Whether it\u2019s a hacked email account, ransomware, or suspicious activity on your network, you may be facing data loss, business disruption, legal obligations, and reputational damage. In these situations, the <\/span><b><span data-contrast=\"auto\">first hours matter most.&nbsp;<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><span data-contrast=\"auto\">If you\u2019re asking what to do if you&#8217;ve been hacked, this checklist walks you through the critical steps. It is written for <\/span><span data-contrast=\"auto\">SMEs and organisations without a large internal IT team, <\/span><span data-contrast=\"auto\">focusing on what to do first, what not to do, and how to limit damage.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<h2><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><span data-contrast=\"none\">Step 1 \u2013 Evaluate the situation<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Before taking any action, <\/span><b><span data-contrast=\"auto\">take stock of what\u2019s happening<\/span><\/b><span data-contrast=\"auto\">. Assess which systems, accounts, or files are affected, and gather as much information as possible.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<h3><b><span data-contrast=\"auto\">Common signs of a hack:<\/span><\/b><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/h3>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"13\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">You cannot log in to accounts<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"13\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Emails are being sent that you didn\u2019t write<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"13\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Files are encrypted, missing, or suspiciously modified<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"13\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Systems are slow or behaving unpredictably<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"13\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><span data-contrast=\"auto\">Ransom messages or unusual alerts appear<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">This step ensures you make <\/span><b><span data-contrast=\"auto\">informed decisions<\/span><\/b><span data-contrast=\"auto\"> in the next phases instead of acting blindly.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 2 \u2013 Get expert help<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Once you have an initial understanding of the situation, <\/span><b><span data-contrast=\"auto\">contact your IT partner or cybersecurity expert (like ITAF)<\/span><\/b><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-contrast=\"auto\">Expert guidance can:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"14\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Contain the incident and prevent further spread<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"14\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Preserve evidence for investigation or compliance<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"14\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Help you avoid missteps that could worsen the situation<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><b><span data-contrast=\"auto\">Tip:<\/span><\/b><span data-contrast=\"auto\"> Many organisations lose time and data by guessing solutions under pressure. Early expert involvement often makes the biggest difference.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 3 \u2013 Isolate the problem<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">The next priority is to <\/span><b><span data-contrast=\"auto\">stop the spread<\/span><\/b><span data-contrast=\"auto\"> of the breach:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Disconnect affected devices from the network (Wi-Fi &amp; cable)<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Log out compromised accounts on all devices<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Disable suspicious user accounts<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"15\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Stop syncing services (email, cloud storage) if needed<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">This helps limit further damage while keeping systems available for investigation.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 4 \u2013 Secure accounts and change passwords<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Password resets are essential, but timing is critical.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Start with admin, email, and cloud accounts<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Use strong, unique passwords (no reuse)<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Reset from a clean, uncompromised device<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"16\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Check if Multi-Factor Authentication (MFA) settings were changed or disabled<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Changing passwords too early, without expert guidance, can alert attackers or cause more issues.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 5 \u2013 Identify what was accessed<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Understanding the scope of the incident is key:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Review login logs and sign-in locations<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Check for email rules or forwarding set by attackers<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Look for new admin accounts<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"17\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Investigate access to sensitive data (files, customer info, financial data)<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">This step helps determine whether it\u2019s a limited breach, a full network compromise, or a data leak.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 6 \u2013 Communicate internally<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Silence can worsen the situation. Inform your team clearly:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"18\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Not to click suspicious emails<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"18\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Not to reconnect affected devices<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"18\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">To report anything unusual immediately<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Clear internal communication reduces panic and prevents further damage.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 7 \u2013 Check legal and compliance obligations<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Depending on the incident and the evaluation you receive from your IT partner, you may need to:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"19\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Notify customers or partners<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"19\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Report a data breach (GDPR)<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Correct timing and wording are critical; mistakes can create additional risk.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\"> Wait on your IT partner&#8217;s evaluation before taking any steps.<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 8 \u2013 Recover safely<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">Recovery is not just \u201cturning things back on.\u201d A safe recovery includes:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"20\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Verifying backups before restoring<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"20\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Cleaning or reinstalling infected systems<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"20\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Monitoring systems after recovery<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"20\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Confirming attackers no longer have access<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">Restoring too quickly can reinfect your environment.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">Step 9 \u2013 Fix the root cause<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">A hack is usually a <\/span><b><span data-contrast=\"auto\">symptom<\/span><\/b><span data-contrast=\"auto\">, not the real problem. Address underlying weaknesses:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"21\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Weak or reused passwords<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"21\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Missing MFA<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"21\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Unpatched systems<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"21\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Lack of monitoring or detection<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"21\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><span data-contrast=\"auto\">Employees not trained to recognise threats<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">This is where <\/span><b><span data-contrast=\"auto\">prevention starts<\/span><\/b><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<h2 aria-level=\"2\"><span data-contrast=\"none\">How ITAF helps after (and before) an incident<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/h2>\n<p><span data-contrast=\"auto\">As an IT partner supporting SMEs with cybersecurity, IT infrastructure, and cloud environments, ITAF regularly helps organisations respond to cyber incidents. Services include:<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"22\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">Incident response &amp; containment<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"22\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">Security assessments<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"22\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">Backup &amp; recovery strategies<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"22\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">Endpoint, email, and network security<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"22\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><span data-contrast=\"auto\">Ongoing monitoring and guidance<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">The goal is simple: <\/span><b><span data-contrast=\"auto\">limit damage today and prevent the next incident tomorrow<\/span><\/b><span data-contrast=\"auto\">.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n<p><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:0,&quot;335559739&quot;:0}\">&nbsp;<\/span><\/p>\n<p aria-level=\"2\"><span data-contrast=\"none\">Quick Checklist: What to Do If You\u2019re Hacked<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;134245418&quot;:true,&quot;134245529&quot;:true,&quot;335559738&quot;:299,&quot;335559739&quot;:299}\">&nbsp;<\/span><\/p>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"1\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Evaluate the situation<\/span><\/b><span data-contrast=\"auto\"> \u2013 Assess which systems, accounts, or files are affected and gather key information.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"2\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Call your IT partner<\/span><\/b><span data-contrast=\"auto\"> \u2013 Early expert guidance prevents mistakes and limits damage.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"3\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Isolate affected systems<\/span><\/b><span data-contrast=\"auto\"> \u2013 Disconnect compromised devices and accounts to stop the spread.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"4\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Secure accounts &amp; credentials<\/span><\/b><span data-contrast=\"auto\"> \u2013 Reset passwords from a clean device and check MFA.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"5\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Identify what was accessed<\/span><\/b><span data-contrast=\"auto\"> \u2013 Determine whether data, email, or systems were compromised.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"6\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Inform employees<\/span><\/b><span data-contrast=\"auto\"> \u2013 Give clear instructions to avoid panic and further mistakes.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"7\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Check legal and compliance obligations<\/span><\/b><span data-contrast=\"auto\"> \u2013 GDPR, customer notifications, and insurer requirements may apply.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"8\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Recover from clean backups<\/span><\/b><span data-contrast=\"auto\"> \u2013 Restore only after confirming the threat is gone.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-setsize=\"-1\" data-leveltext=\"\uf0b7\" data-font=\"Symbol\" data-listid=\"23\" data-list-defn-props=\"{&quot;335552541&quot;:1,&quot;335559685&quot;:720,&quot;335559991&quot;:360,&quot;469769226&quot;:&quot;Symbol&quot;,&quot;469769242&quot;:[8226],&quot;469777803&quot;:&quot;left&quot;,&quot;469777804&quot;:&quot;\uf0b7&quot;,&quot;469777815&quot;:&quot;hybridMultilevel&quot;}\" data-aria-posinset=\"9\" data-aria-level=\"1\"><span data-contrast=\"auto\">\u274f <\/span><b><span data-contrast=\"auto\">Address the root cause<\/span><\/b><span data-contrast=\"auto\"> \u2013 Fix weak passwords, missing MFA, unpatched systems, and gaps in employee training.<\/span><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/li>\n<\/ul>\n<p><span data-contrast=\"auto\">If you\u2019re unsure at any step, don\u2019t guess. <\/span><a href=\"https:\/\/www.itaf.eu\/contacteer-ons\/\"><b><span data-contrast=\"auto\">Getting help early can make a huge difference.<\/span><\/b><\/a><span data-ccp-props=\"{&quot;134233117&quot;:false,&quot;134233118&quot;:false,&quot;335559738&quot;:240,&quot;335559739&quot;:240}\">&nbsp;<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>A cyber incident is stressful, and it\u2019s very serious. Whether it\u2019s a hacked email account, ransomware, or suspicious activity on your network, you may be facing data loss, business disruption, legal obligations, and reputational damage. In these situations, the first hours matter most.&nbsp;&nbsp;If you\u2019re asking what to do if you&#8217;ve been hacked, this checklist walks [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":55545,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"ngg_post_thumbnail":0,"footnotes":""},"categories":[96],"tags":[],"class_list":["post-55544","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What to Do If You\u2019ve Been Hacked - A Practical Checklist for Businesses - ITAF IT Partner<\/title>\n<meta name=\"description\" content=\"\u00a0If you\u2019re asking what to do if you&#039;ve been hacked, this checklist walks you through the critical steps. Read on\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What to Do If You\u2019ve Been Hacked - A Practical Checklist for Businesses - ITAF IT Partner\" \/>\n<meta property=\"og:description\" content=\"\u00a0If you\u2019re asking what to do if you&#039;ve been hacked, this checklist walks you through the critical steps. Read on\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/\" \/>\n<meta property=\"og:site_name\" content=\"ITAF IT Partner\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ITAF.eu\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-08T15:09:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/01\/1_Hacked-What-Next.png\" \/>\n\t<meta property=\"og:image:width\" content=\"2400\" \/>\n\t<meta property=\"og:image:height\" content=\"1668\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Jasna Stanic\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ITAF_IT_partner\" \/>\n<meta name=\"twitter:site\" content=\"@ITAF_IT_partner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jasna Stanic\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/\"},\"author\":{\"name\":\"Jasna Stanic\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#\\\/schema\\\/person\\\/9c7c004bb6f773cfd2a66a939556ca69\"},\"headline\":\"What to Do If You\u2019ve Been Hacked &#8211; A Practical Checklist for Businesses\",\"datePublished\":\"2026-01-08T15:09:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/\"},\"wordCount\":903,\"publisher\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.itaf.eu\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/1_Hacked-What-Next.png\",\"articleSection\":[\"IT Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/\",\"url\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/\",\"name\":\"What to Do If You\u2019ve Been Hacked - A Practical Checklist for Businesses - ITAF IT Partner\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.itaf.eu\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/1_Hacked-What-Next.png\",\"datePublished\":\"2026-01-08T15:09:04+00:00\",\"description\":\"\u00a0If you\u2019re asking what to do if you've been hacked, this checklist walks you through the critical steps. Read on\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.itaf.eu\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/1_Hacked-What-Next.png\",\"contentUrl\":\"https:\\\/\\\/www.itaf.eu\\\/wp-content\\\/uploads\\\/2026\\\/01\\\/1_Hacked-What-Next.png\",\"width\":2400,\"height\":1668,\"caption\":\"what to do if you've been hacked\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What to Do If You\u2019ve Been Hacked &#8211; A Practical Checklist for Businesses\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/\",\"name\":\"ITAF IT Partner\",\"description\":\"Reliable IT support\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#organization\",\"name\":\"ITAF is een IT partner voor KMO's, grote bedrijven en overheid: IT support, ICT infrastructuur, Cloud oplossingen, Managed IT services en software ontwikkeling\",\"url\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.itaf.eu\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/ITAF-Geniki_logo_512px-1.webp\",\"contentUrl\":\"https:\\\/\\\/www.itaf.eu\\\/wp-content\\\/uploads\\\/2026\\\/02\\\/ITAF-Geniki_logo_512px-1.webp\",\"width\":512,\"height\":166,\"caption\":\"ITAF is een IT partner voor KMO's, grote bedrijven en overheid: IT support, ICT infrastructuur, Cloud oplossingen, Managed IT services en software ontwikkeling\"},\"image\":{\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/ITAF.eu\",\"https:\\\/\\\/x.com\\\/ITAF_IT_partner\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/itaf-eu?trk=tyah&trkInfo=clickedVerticalcompanyidx2-2-7tarId1429703363595tasitaf\",\"https:\\\/\\\/www.youtube.com\\\/@ITAFICTPartner\\\/\",\"https:\\\/\\\/www.instagram.com\\\/itaf.eu\\\/\",\"https:\\\/\\\/www.threads.net\\\/@itaf.eu\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/#\\\/schema\\\/person\\\/9c7c004bb6f773cfd2a66a939556ca69\",\"name\":\"Jasna Stanic\",\"url\":\"https:\\\/\\\/www.itaf.eu\\\/en\\\/author\\\/jasna-stanic\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What to Do If You\u2019ve Been Hacked - A Practical Checklist for Businesses - ITAF IT Partner","description":"\u00a0If you\u2019re asking what to do if you've been hacked, this checklist walks you through the critical steps. Read on","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/","og_locale":"en_US","og_type":"article","og_title":"What to Do If You\u2019ve Been Hacked - A Practical Checklist for Businesses - ITAF IT Partner","og_description":"\u00a0If you\u2019re asking what to do if you've been hacked, this checklist walks you through the critical steps. Read on","og_url":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/","og_site_name":"ITAF IT Partner","article_publisher":"https:\/\/www.facebook.com\/ITAF.eu","article_published_time":"2026-01-08T15:09:04+00:00","og_image":[{"width":2400,"height":1668,"url":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/01\/1_Hacked-What-Next.png","type":"image\/png"}],"author":"Jasna Stanic","twitter_card":"summary_large_image","twitter_creator":"@ITAF_IT_partner","twitter_site":"@ITAF_IT_partner","twitter_misc":{"Written by":"Jasna Stanic","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#article","isPartOf":{"@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/"},"author":{"name":"Jasna Stanic","@id":"https:\/\/www.itaf.eu\/en\/#\/schema\/person\/9c7c004bb6f773cfd2a66a939556ca69"},"headline":"What to Do If You\u2019ve Been Hacked &#8211; A Practical Checklist for Businesses","datePublished":"2026-01-08T15:09:04+00:00","mainEntityOfPage":{"@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/"},"wordCount":903,"publisher":{"@id":"https:\/\/www.itaf.eu\/en\/#organization"},"image":{"@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#primaryimage"},"thumbnailUrl":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/01\/1_Hacked-What-Next.png","articleSection":["IT Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/","url":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/","name":"What to Do If You\u2019ve Been Hacked - A Practical Checklist for Businesses - ITAF IT Partner","isPartOf":{"@id":"https:\/\/www.itaf.eu\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#primaryimage"},"image":{"@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#primaryimage"},"thumbnailUrl":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/01\/1_Hacked-What-Next.png","datePublished":"2026-01-08T15:09:04+00:00","description":"\u00a0If you\u2019re asking what to do if you've been hacked, this checklist walks you through the critical steps. Read on","breadcrumb":{"@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#primaryimage","url":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/01\/1_Hacked-What-Next.png","contentUrl":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/01\/1_Hacked-What-Next.png","width":2400,"height":1668,"caption":"what to do if you've been hacked"},{"@type":"BreadcrumbList","@id":"https:\/\/www.itaf.eu\/en\/what-to-do-if-youve-been-hacked-a-practical-checklist-for-businesses\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.itaf.eu\/en\/"},{"@type":"ListItem","position":2,"name":"What to Do If You\u2019ve Been Hacked &#8211; A Practical Checklist for Businesses"}]},{"@type":"WebSite","@id":"https:\/\/www.itaf.eu\/en\/#website","url":"https:\/\/www.itaf.eu\/en\/","name":"ITAF IT Partner","description":"Reliable IT support","publisher":{"@id":"https:\/\/www.itaf.eu\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.itaf.eu\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.itaf.eu\/en\/#organization","name":"ITAF is een IT partner voor KMO's, grote bedrijven en overheid: IT support, ICT infrastructuur, Cloud oplossingen, Managed IT services en software ontwikkeling","url":"https:\/\/www.itaf.eu\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.itaf.eu\/en\/#\/schema\/logo\/image\/","url":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/02\/ITAF-Geniki_logo_512px-1.webp","contentUrl":"https:\/\/www.itaf.eu\/wp-content\/uploads\/2026\/02\/ITAF-Geniki_logo_512px-1.webp","width":512,"height":166,"caption":"ITAF is een IT partner voor KMO's, grote bedrijven en overheid: IT support, ICT infrastructuur, Cloud oplossingen, Managed IT services en software ontwikkeling"},"image":{"@id":"https:\/\/www.itaf.eu\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/ITAF.eu","https:\/\/x.com\/ITAF_IT_partner","https:\/\/www.linkedin.com\/company\/itaf-eu?trk=tyah&trkInfo=clickedVerticalcompanyidx2-2-7tarId1429703363595tasitaf","https:\/\/www.youtube.com\/@ITAFICTPartner\/","https:\/\/www.instagram.com\/itaf.eu\/","https:\/\/www.threads.net\/@itaf.eu"]},{"@type":"Person","@id":"https:\/\/www.itaf.eu\/en\/#\/schema\/person\/9c7c004bb6f773cfd2a66a939556ca69","name":"Jasna Stanic","url":"https:\/\/www.itaf.eu\/en\/author\/jasna-stanic\/"}]}},"_links":{"self":[{"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/posts\/55544","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/comments?post=55544"}],"version-history":[{"count":2,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/posts\/55544\/revisions"}],"predecessor-version":[{"id":55901,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/posts\/55544\/revisions\/55901"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/media\/55545"}],"wp:attachment":[{"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/media?parent=55544"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/categories?post=55544"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.itaf.eu\/en\/wp-json\/wp\/v2\/tags?post=55544"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}