7 Things You Should Do Immediately After Your Website’s Security Has Been Compromised

Once you discover that any part of your website has been maliciously accessed, there are a few things you can do.

Question: What is the first thing you should do AFTER you realize your website's security was compromised?

John Arroyo
Arroyo Labs, Inc.

Scan Your Servers

"After you realize there was a breach, determine what kind of attack it was. This will allow you to determine appropriate next steps. Hackers can do things like steal your data or compromise your site with trojan horses, back doors, and/or altered content. Look for any signs that things have changed and scan your logs for any odd activity. This will dictate how you react and prevent a future attack."


Jessica Baker
Aligned Signs

Don't Panic

"Above all, don't panic. Address the breach Immediately. Fix it and put measures in place that will prevent it from happening again. Then, you need to communicate the facts: What happened? What you're doing about the breach (i.e. we fixed the problem)? What are you're doing for those affected?"


Steven Buchwald
Buchwald & Associates

Shut Down the Site

"The first thing you need to do is shut the site down for assessment and repair. Yes, you’ll lose some business -- but it’s less than you’d lose if you infected every visitor with malware. Once you’ve done that, call in your support team, and pull together any information they’ll need."


Josh Childs
OpenMarkets

Communicate With Your Customers

"Let your customers know about it and that, to protect them, you are denying access to features X and Y while you investigate, but that access to Z is safe and available. The first thing your customers need to know is that you care enough to stop (potentially) hurting them. That will galvanize your relationship and buy you a window of goodwill to investigate and remedy the problem."


Ajmal Saleem
Suprex Learning

Check Whether Credit Card or Other Sensitive Data Was Stolen

"Depending on your industry, a security breach could be a big problem to your customer or a small one. If you are in the financial industry, a security breach could mean bank account numbers could be stolen. If you work in the education industry, lost data can include grade history or behavior reports. The key is to inform your customers immediately and close any related accounts."


Arry Yu
Emotiv Labs, Inc. (Maker of www.giftstarter.com)

Do a Quick Fix, Then Assess the Damage

"Do whatever it takes (within reason) to plug up the area that's been compromised. Then assess the damage to determine the next step. Was customer data stolen? Did it affect any revenue? What communications need to go out and to whom?"


More like this article:

Resources

7 Things You Should Do Immediately After Your Website’s Security Has Been Compromised

Once you discover that any part of your website has been maliciously accessed, there are a few things you can do.

Question: What is the first thing you should do AFTER you realize your website's security was compromised?

John Arroyo
Arroyo Labs, Inc.

Scan Your Servers

"After you realize there was a breach, determine what kind of attack it was. This will allow you to determine appropriate next steps. Hackers can do things like steal your data or compromise your site with trojan horses, back doors, and/or altered content. Look for any signs that things have changed and scan your logs for any odd activity. This will dictate how you react and prevent a future attack."


Jessica Baker
Aligned Signs

Don't Panic

"Above all, don't panic. Address the breach Immediately. Fix it and put measures in place that will prevent it from happening again. Then, you need to communicate the facts: What happened? What you're doing about the breach (i.e. we fixed the problem)? What are you're doing for those affected?"


Steven Buchwald
Buchwald & Associates

Shut Down the Site

"The first thing you need to do is shut the site down for assessment and repair. Yes, you’ll lose some business -- but it’s less than you’d lose if you infected every visitor with malware. Once you’ve done that, call in your support team, and pull together any information they’ll need."


Josh Childs
OpenMarkets

Communicate With Your Customers

"Let your customers know about it and that, to protect them, you are denying access to features X and Y while you investigate, but that access to Z is safe and available. The first thing your customers need to know is that you care enough to stop (potentially) hurting them. That will galvanize your relationship and buy you a window of goodwill to investigate and remedy the problem."


Ajmal Saleem
Suprex Learning

Check Whether Credit Card or Other Sensitive Data Was Stolen

"Depending on your industry, a security breach could be a big problem to your customer or a small one. If you are in the financial industry, a security breach could mean bank account numbers could be stolen. If you work in the education industry, lost data can include grade history or behavior reports. The key is to inform your customers immediately and close any related accounts."


Arry Yu
Emotiv Labs, Inc. (Maker of www.giftstarter.com)

Do a Quick Fix, Then Assess the Damage

"Do whatever it takes (within reason) to plug up the area that's been compromised. Then assess the damage to determine the next step. Was customer data stolen? Did it affect any revenue? What communications need to go out and to whom?"


See Also: 7 Best Strategies for Attracting Your Very First Customers

If you have insights like this to share,

Apply to YEC

and join us!

More Like This Article:

9 Easy Tools for Load-Testing Your App or Website

8 Apps to Spark Your Creativity

5 WordPress Tricks That Will Save You Hours

Today's Picks

by Tommy Mello

How Credit Can Work for Your Business

by Beth Doane

10 Negotiating Tips Every Woman Needs in Her Arsenal

by Cliff Johnson

How to Use Technology to Your Company’s Overall Advantage