What to do if your website is hacked or compromised

Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on email

They say it’s a matter of when not if a business’ digital system gets hacked or compromised. It’s almost inevitable that it will happen, and this can be seen by all the data breaches from companies, even those who are giant corporations who have dedicated digital security teams to securing all of their systems. A quick glance here will give you just a brief idea of how much data has been stolen during data breaches in the past, take a look at how long that page is!

Data breaches usually happen because of two different scenarios:
1) The managing company was too lax in it’s security processes, forgot to update or patch their systems (or was too late), wasn’t staying current on modern-day security threats, etc.
2) The hacker or bot is taking advantage of what’s called a “zero-day” flaw which means there is no known protection against it at that time.

Number one is most often what happens, but number two also happens and is unfortunately the hardest to protect against – in fact it’s basically impossible since nobody even knows about the vulnerability yet including most times the manufacturer of the software too.

This article will discuss what to do if (or when) your website is compromised. These are industry-wide best practices and recommendations, learned off the backs of the companies that have had huge repercussions from their own data breaches. The steps below are how the process will go from my side, and how it should go from your side:

  1. I have many security systems in place to prevent any issues, some of the protection systems in place include: 1) Locks accounts temporarily when it detects many incorrect login attempts in order to prevent brute-force attacks on any user logins, 2) Logs of everything in my server including every action, every login, and more, 3) Use of blocklists for any known bad IP addresses or hostnames to prevent them from connecting to the server, and many more systems in place of course too. I also proactively look for issues with frequent reviews of my logs and security software which monitors various aspects of the systems, including the web server, email server, and more. The moment I detect something and validate that there’s been at least a chance of compromised data, I will notify you right away.
  2. Once confirmed on my side and you’ve been notified, I will immediately begin looking for the source of the hack and how to protect against it in the future and then implement those precautions as soon as possible to “plug the hole” so that it can’t happen again.
  3. In the meantime, you will want to notify your customers as well if there is any of their data involved in the data breach. If your website is collecting mailing addresses or credit card details for example if you’re accepting payments online, you will need to notify all people involved who may have had their data compromised. You may also need to notify the proper authorities as well.

Thankfully I have many systems and procedures in place to prevent incidents like this, but of course nothing is perfect which is why it’s important to have a plan in case a data breach occurs.

Some best practices to avoid attacks are below. Of course much of this is done already for you on my side of things if you’re hosting your website with me. It is important you follow this too though with your own online properties.

  • Only collect as much data as you need, nothing more. This limits your exposure if something were to be compromised. The less data you have to be compromised, the less exposure you are responsible for and the better you can handle the aftermath.
  • Use secure passwords! Do not use easy-to-crack passwords, as you increase the risk of someone using your credentials to access systems that you didn’t want anyone accessing. On this note, make sure to use 2FA (two-factor authentication) whenever possible on your accounts, as this makes it much harder for someone to gain access via your user credentials.
  • Make sure you are transparent with your customers on what data you collect and what you do not collect. It is generally considered best practice to have what’s known as a “privacy policy” published on your website especially for sites which require registration or subscription.

I will update this page as I have more ideas to share on this topic too. I hope you have found the above to be helpful. It serves two purposes: 1) How data breaches will be handled by myself, and 2) Prepare yourself for what may be needed in the future if/when such an event happens, and how to protect yourself from it too.