5 Steps To Take When Your Computer Has Been Hacked

“I think my computer was hacked!”

When you suspect your computer has been hacked or your network breached, the human thing to do is panic. But what you do next dictates the difference between a small annoyance and a catastrophic event that brings business to a screeching halt and opens the door to legal and financial trouble.

IBM’s latest cybersecurity report shares that the average data breach goes 277 days before it’s noticed and reported. That’s a LONG time! Malware attacks and others utilizing keylogging and viruses especially can do massive damage in a small period of time.

Most users miss the warning signs and don’t realize they’re under attack until irreversible damage has occurred.

Some of the biggest and best indicators can be easily mistaken and are often confused for an outdated or over loaded system- such as lagging. If you experience any of these issues, it’s a good idea to contact your IT team. If it’s an attack, they’ll know the proper steps to take, and if it’s not, they’ll be able to update your system or replace your device to improve performance.

Important symptoms of an infected computer:

  • Slow computer or network performance
  • Frequent freezes or sudden crashes
  • Rapid pop-ups
  • Locked user accounts
  • Sudden and unexpected file changes
  • Weird behavior, such as the device continuing to run after a shutdown
  • Unusual account activity

Here are 5 steps you should take the second you suspect you’ve been hacked to minimize as much damage as possible:

1. Take the network offline to isolate the incident, but DO NOT turn off the device or reboot it.

One of the first things we tell people when their device isn’t working is to restart it. And while this is a valid response, if your device is exhibiting symptoms of a breach, you do NOT want to do this as it can make matters worse.

Some malware programs can trigger a process that causes unrecoverable data loss upon reboot.  Disconnect your device from the network but allow it to remain on!


The sooner we know, the sooner we can contain the breach BEFORE it infects the rest of your network. Do not try to fix this on your own. Attempting to run a “system cleanup” or your antivirus software will waste time and could cause more damage. Call in the experts- that’s us- 541-494-2099.

3. Call your attorney.

If you are a business owner of any type, you need to contact your attorney.  Depending on the size of the breach, your attorney may refer you to outside legal counsel with privacy and data security expertise who can advise you on the federal and state laws that may be implicated by the data breach.

4. Change passwords and secure all accounts.

While we work on containing the breach, change your passwords (and any employees’ passwords) to protect all other accounts. If you access personal accounts on your business computers (which you should not be doing), you’ll need to change ALL of those as well. Hopefully you have multi-factor authentication enabled and will be notified if someone tries to access your account, but if not, begin working through your accounts to secure them, starting with ones that contain financial information like credit card numbers, Social Security numbers and more. While doing this, ensure to set up multi-factor authentication on any accounts that do not have it enabled.

5. Check your bank accounts.

Cyber-attacks are almost singularly financially motivated. Check your bank accounts and payment processing tools for any anomalies or sudden changes. This includes third-party merchant accounts and employee payroll systems.

You will need to also deploy a PR communications plan and notify appropriate parties such as law enforcement. The most important thing you can do if a data breach occurs is to isolate the incident and hand it over to us as soon as possible. Time matters in these situations.

If you need a reliable, trustworthy cybersecurity team monitoring your business, start with a FREE Cyber Security Risk Assessment. These assessments are designed to thoroughly examine your network to pinpoint any vulnerabilities and map out a plan to fix them. It is much more cost-effective to prevent a cyber-attack than to fix one, so book your assessment today by going to our  SCHEDULE or calling 541-494-2099.