General

If you've been hacked Mēnā kua mūreretia koe

In association with
All businesses are exposed to the risk of cyber-attacks or data breaches. If it happens to your business, identify and fix the problem first, then put steps in place to prevent it from happening again.

Look out for signs of hacking or a cyber attack

There are many signs you’ve been hit by a cyber-attack, for example: 

  • a strange new software on your laptop
  • the system slowing down
  • your passwords not working
  • new website content that you didn’t publish. 

Hackers could attack your:

  • website
  • email
  • IT network
  • social media
  • financial accounts
  • staff accounts or systems.

What you must do

You don’t have a legal obligation to report any breaches or hacks, but you should still report them.

This will:

  • lessen the chance of losing customer confidence
  • help other businesses know and understand current risks
  • know what you need to do to help prevent a repeat
  • help control further damages.
Report an online security incident National Cyber Security Centre

If your website or email is hacked

How you handle the problem depends on what the issue is, but it’s not always easy to figure out what’s gone wrong.

Note down everything that’s happened, including:

  • when and how you noticed the issue
  • what’s been affected
  • any other relevant details.

If your website shows a warning, it might have been hacked. This message may say "Reported attack site" or "This site may harm your computer”.

This means Google has detected something suspicious.

If you don’t have an IT expert on the team, there are many resources that can help you, such as Own Your Online. 

Top online security tips for your businessOwn Your Online

If private information is compromised

If you accidentally lose someone’s information or your system gets hacked, you must manage the security breach.

It’s important to:

  • identify exactly what happened and how
  • take any immediate steps to stop the damage from becoming worse
  • decide if it’s necessary to notify the people affected
  • put a plan in place to prevent it happening again.

What to do after a cyber-attack

After you’ve handled a cyber security incident or breach, it’s important that you understand exactly what happened and how.

Put procedures in place to strengthen security and prevent any future problems. There are easy, everyday practices you can take to protect your systems and data, like backing up data regularly and keeping systems up to date.

Set out your IT policy

If you can’t afford to hire an IT expert on staff, your team will need to be more responsible when it comes to protecting data and using devices correctly. Make sure you have an IT and social media workplace policy, so staff know the rules.

IT and social media policyWorkplace Policy Builder

Learn more about

IT risks and scams