
What to do if your business is hacked

In early November Tesco Bank spotted some suspicious activity that, in the end, turned out to be what was described as an ‘unprecedented and serious’ hack by the chief executive of the Financial Conduct Authority. It damaged their reputation, and could cost them over £2.5 million.

Your business may not be as large as Tesco, but that doesn’t mean you’re not at risk. Recent research in the Government Security Breaches Survey has highlighted that SMEs are increasingly becoming a target for hackers. In 2015, 74% of SMEs reported some form of malicious attack.

The cloud is a simple and increasingly secure way to organise your IT infrastructure, but what do you do if things go wrong? 

Here's a simple, step-by-step guide on how to deal with a hack.

Recognise there is a problem

The longer a hack is ignored, the more damage can be done. If you spot that something isn’t right, take action immediately.

There are lots of warning signs to look for. A sudden spike in DNS traffic might mean your servers have been compromised, abnormal user-account behaviour might mean accounts have been compromised, and random emails with attachments may mean your business has become a target.
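As an added illustration (not part of the original article or Principal's own tooling), this Python sketch shows one way to check for the DNS spike described above: it counts queries per client per hour and flags any hour far above that client's usual level. The log format, IP addresses and thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

def parse(line):
    """Constructed log format: '<ISO timestamp> client=<ip> query=<name>'."""
    ts, client, _query = line.split()
    return ts[:13], client.split("=", 1)[1]   # hour bucket 'YYYY-MM-DDTHH', client IP

def hourly_counts(lines):
    counts = defaultdict(Counter)             # client -> {hour: number of queries}
    for line in lines:
        hour, client = parse(line)
        counts[client][hour] += 1
    return counts

def find_spikes(lines, factor=5, min_queries=100):
    """Return (client, hour, count, baseline) for hours where a client's query
    count exceeds `factor` times the median of that client's other hours."""
    spikes = []
    for client, per_hour in hourly_counts(lines).items():
        for hour, n in sorted(per_hour.items()):
            others = [c for h, c in per_hour.items() if h != hour]
            if not others:
                continue                      # no history to compare against
            baseline = median(others)
            # min_queries stops very quiet clients from triggering alerts
            if n >= min_queries and n > factor * baseline:
                spikes.append((client, hour, n, baseline))
    return spikes

def sample_log():
    """Constructed data: two clients over six hours; 10.0.0.7 jumps at 03:00."""
    lines = []
    for hour in range(6):
        for client, n in (("10.0.0.5", 40), ("10.0.0.7", 30)):
            if client == "10.0.0.7" and hour == 3:
                n = 900
            for i in range(n):
                lines.append(f"2016-11-05T{hour:02d}:{i % 60:02d}:00Z "
                             f"client={client} query=host{i % 7}.example.com")
    return lines

if __name__ == "__main__":
    for client, hour, n, baseline in find_spikes(sample_log()):
        print(f"{client}: {n} DNS queries in {hour} (usual level: {baseline:g})")
```

A flagged client is a prompt to investigate that machine, not proof of compromise; backups, software updates and misconfigured applications can also produce bursts of DNS queries.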

If you use an external provider, they should regularly be doing these checks on your behalf, and will be able to alert you to any suspicious activity.

These safety checks and balances should help identify breaches quickly, but not always – particularly if vulnerabilities are new or recently exposed.

You should work to educate your staff, enabling them to recognise if something isn’t right. Abnormal email activity, particularly unsolicited emails with attachments, is a common way hackers can get access to your systems.

Prevention is always better than cure. Ensuring you work with trusted providers and install all security updates regularly should go without saying. But it may not be enough.

Lock everything down

If you can see there is a problem then now is the time for action – even if you don’t know exactly what’s wrong.

The first stage involves working with your in-house IT team and external providers to come up with a plan of action. The main aim at this stage is to protect your business and the data and information of your customers.

A total lock-down could be the best approach, turning off all systems until you get a handle on what has happened. You may be able to isolate systems to contain the hack. It all depends on the problem itself.

If you work with external providers let them know as soon as possible that your systems are compromised. A vulnerability in one area of the system can quickly spread to others.

Hopefully your supplier will be there to answer the call. At Principal, our dedicated UK contact centre means that there is someone on hand to speak to you about any security concerns and take immediate action.

Don’t forget to keep your staff aware and involved, particularly those who deal directly with customers. A breach may not necessarily destroy all of your systems, but it could damage your reputation, so stay on top of communications internally and externally.

A note on ransomware

There is a growing trend for ransomware attacks on SMEs. In such a situation hackers essentially take your data hostage, and attempt to sell it back to you. Internet security experts Kaspersky estimate that 750,000 of its users were victims of such hacks in 2015.

In such a situation, recognise that you’re dealing with criminals who have no interest in you, your business or your data – they just want your money.

The best approach is to plan for such attacks by regularly backing up your organisation’s data and being prepared, if necessary, to wipe systems and reinstall everything from scratch.

Investigate the vulnerability

It may have been a staff error, a targeted attack or the exploitation of a previously unknown backdoor into your system. Whatever the hack, a forensic examination of your systems and processes is essential in understanding any existing or potential weak points and securing against them.

In certain circumstances you may want to work with an external consultant who can help you to understand what went wrong. This can often be a beneficial process for a business, with an impartial assessor more likely to avoid the politics that can affect such investigations.


A hack can be an incredibly difficult issue for a business to deal with. Part of the rebuilding process is about developing a strategy to deal with future potential hacks. This will ensure your business is in a much stronger position to manage any attempted attacks in the future.

Businesses often add cloud computing systems to already existing IT infrastructure. This can lead to gaps within the system that can be exploited.

Your cloud IT infrastructure should be planned and deployed strategically. If it isn’t, it may be that you need to go back to the drawing board and design a new system from scratch.

At Principal our dedicated UK-based team work with organisations to design and implement systems with security at their core. Our team is always on hand to support you if things do ever go wrong. If you have any questions then don’t hesitate to contact us.


© 2015 Principal Corporation Ltd. All rights reserved. Designed by Dewsign.