In association with

What to do if you’ve been hacked

What to do if you’ve been hacked

If you think you’ve been hacked, you’re not alone. Almost one in five small businesses in New Zealand have been targeted by a cyber attack, according to 2016’s Norton New Zealand SMB Cyber Security Survey. All businesses are exposed to the risk of cyber attacks or data breaches. If it happens to your business, identify and fix the problem first and then put steps in place to prevent it from happening again. Here’s how.

What is hacking or a cyber attack?

It could be strange new software on your laptop, the system slowing down, your passwords not working or new website content that you didn’t publish. There are many signs you’ve been hit by a cyber attack. But they all mean one thing: you have an urgent problem with your IT.

Hackers could attack your:

  • website 
  • email
  • IT network 
  • social media
  • financial accounts
  • staff’s systems or accounts.
Hacking versus scamming

Hacking versus scamming

Scammers make contact with you and manipulate you into giving over money or personal information. Hackers often work in an undetected way.

Avoiding scams and fraud

What is a breach?

A data breach is whenever personal information is accessed by an unauthorised person or released into an unsecure environment. Unlike hacking, which always has malicious intent, a breach can be either deliberate or accidental.

The most common cause of a data breach is a mistake made by someone in your business. Robust planning on how to handle and protect personal information and other important business data is key. What’s more important is making sure all staff are in the know.

What you must do

While you don’t have a legal obligation to report any breaches or hacks, it is best not to put your head in the sand.

By reporting and responding openly, you will:

  • lessen the chance of losing customer confidence 
  • help other businesses know and understand current risks
  • know what you need to do to help prevent a repeat
  • help control further damages.

Report an issue(external link) — CERT NZ

If you think the problem with your website can infect other computers, temporarily disable it.

If you think the problem with your website can infect other computers, temporarily disable it.

If your website or email is hacked

How you handle the problem depends on what the issue is — but it’s not always easy to figure out what’s gone wrong. Note down everything that’s happened, including when and how you noticed the issue, what’s been affected, eg website or email accounts, and any other relevant details.

If you don’t have an IT expert on the team, there are a number of resources that can help you diagnose the problem.

CERT NZ’s online reporting tool asks you short questions to help you identify and diagnose the problem and next steps to resolve it. It’s confidential. It won’t be published that your business has been attacked.

Report an issue(external link) — CERT NZ

Netsafe and CERT NZ have advice and support to manage online challenges. 

Help! My website has been hacked(external link) — Netsafe

Phishing scams(external link) — Own Your Online


A common sign your website has been infected is if it displays a warning.

A common sign your website has been infected is if it displays a warning.

This message may say "Reported attack site" or "This site may harm your computer”. This means Google has detected something suspicious.

If you’ve been attacked by ransomware, don’t pay up.

If you’ve been attacked by ransomware, don’t pay up.

Many people who pay the ransom never get their data back.

Businesses and ransomware(external link) — Own Your Online

If private information is compromised

If you accidentally lose someone’s information or your system gets hacked, eg someone accesses your client account database, you need to think about how to manage the security breach.

It’s important to:

  • Pinpoint exactly what happened, and how.
  • Take any immediate steps to stop the damage from becoming worse.
  • Decide whether it’s necessary to notify the people affected.
  • Put a plan in place to prevent it happening again.

The Privacy Commissioner has a comprehensive guide on recognising types of data breaches and how to deal with them. They also have tips on putting processes in place to prevent future breaches.

Data safety toolkit(external link) — Privacy Commissioner

Next steps after a cyber attack

Beef up security

After you’ve handled a cyber security incident or breach, it may be tempting to move forward as quickly as possible. But it’s important to unpick exactly what happened and how. Put procedures in place to prevent any future problems.

There are easy, everyday practices, eg backing up data regularly and keeping systems up-to-date, you can take to protect your systems and data.

Top online security tips for your business(external link) — Own Your Online

Get staff involved

If you can’t afford to hire an IT expert on staff, your team will need to be more responsible than big-company employees when it comes to protecting data and using devices correctly. Make sure you have an IT and social media workplace policy so staff know the rules.

Use the Workplace Policy Builder to create an IT and social media policy.

Vote form Has your business been the victim of an online scam in the past two years?

We want to understand the challenges small businesses face. Your feedback will help us understand whether our site is delivering the information you need to succeed.

Rating form

How helpful did you find this information?

Rate this

"Rate this" is required