You’ve Been Hacked. Now What? Learn What to Do During and After a Hacking Situation 

Being hacked sucks. There is no other way to say it. It can be a violating, headache-inducing experience. However, the faster you act, the more damage you can mitigate. Read on to learn about immediate steps you can take to navigate your way through a hacking situation. As a bonus, there are tips at the end of the article that outline a post-hacking strategy to ensure your digital presence is never hacked again. 

A Reminder Before We Start! 

Stay calm. In any situation, you will be confronted with a lot of information. In order to process it and effectively strategize a sound response, it is important to breathe and remain calm. So do as Bruce Lee once said and “breathe and allow things to pass.” Now that we are calm, we can start reclaiming our digital assets. 

First Thing to Do: Change Your Passwords 

The gatekeeper to all of your data is your passwords. Since this is the doorway that hackers unlock in order to access your information, it is important to reassess the strength of your passwords. Go to all of your affected accounts and initiate the ‘change password’ process. This will stop hackers from moving freely into your digital boundaries. 

Different Passwords for Different Accounts 

There are a few common mistakes victims of hacking make when remaking their passwords. The first is that some people use one password for every device. This might be an easy way to remember your password across multiple platforms but unfortunately, that gives the hacker carte blanche to do with your information what they wish. It would be like having one key for your house, your car, and your office. Once the hacker gets one key, they can access all of your most personal data. 

A good way to manage the plethora of passwords is to use a password manager. Password managers are easy-to-use applications that remember your passwords across multiple accounts. Typically, these apps are free however some have paid models for higher-tier service. BitWarden and LastPass are great examples of tools that keep all your passwords straight. 

Stronger Passwords Equal Better Protection 

Often when we create our passwords, we determine what our passwords will be based on aspects of our lives so we can easily recall them. The problem with passwords like these is that phishing accounts or bots can gather information about you to use to hack your accounts. The information they gather can create possible passwords. For example, if your password is your dog Max’s name plus the year you graduated, a phishing account can use the data it obtained to pair these bits of information together to guess the password Max2007.

The best practice is to use a randomized series of numbers, letters that are both capitalized and lowercase, and symbols to ultimately create a password that is beyond the scope of your personal data. Services like Google has a function that suggests these robust passwords, making them near impossible to guess. Although these passwords are difficult to recall, you can pair them with the aforementioned password managers to keep your accounts safe and secure. 

What To Do Next: Identify the Type of Hack 

It is important to gauge the extent of the damage done by the hacker. “Hacking” is an umbrella term that encompasses a wide range of digital attacks. Each attack can have a different end goal from corrupting the files on your computer to claiming your data for uses that you do not authorize. 

Consider the difference between malware and phishing. Malware can damage your computer by making it nearly inoperable. This can be as obvious as making the keyboard no longer work to slow down your graphics engine, to leaking personal data whenever you type it in. Phishing on the other hand has the express purpose of getting the victim to click a link to gain unlawful access to all their accounts and personal information. 

By knowing how you have been affected, you can more easily identify what to do next and who to contact in order to get control of your accounts once again. 

Now It’s Time to Get Your Data Back 

Your data is important and it is important to the companies that you partner with. Immediately reach out to the companies that your accounts are attached to. Because of the prevalence of cybersecurity breaches, many companies have hacking helplines specifically designed to guide you through the process of getting your information back. 

Some companies will go so far as to be proactive in their approach to hacking. If their larger digital infrastructure has been breached or if they detect unusual activity on your account, they may reach out to you personally to verify your account status. 

Here’s the kicker – hackers know this. Sometimes they will send fake communications saying your account has been hacked just to get you to provide your information to them. Before proceeding with any efforts to reclaim your data, remember to verify that the entity reaching out to you is legitimate. Look for spelling mistakes in an email, odd word choices, urgent calls to action or threats, mismatched email domains, or suspicious links. 

If all else fails… call! Get on the phone with a representative of the company and they will elucidate your situation for you. 

If All Else Fails… 

Sometimes a clean reboot is what is needed if your computer is simply inoperable after an attack. This requires reinstalling your operating system and getting all your backup data.

Legitimate attacks may require a full-scale wiping of your hard drive. Although it is possible to do this yourself, the scale of the effort might mean you lose some files in the process. Keep in mind that there are tech stores and professionals that can be employed to do this type of work for you so you don’t have to go at it alone.


Are You Out of the Woods? 

In the age of digital security, no one is totally invulnerable to hacking attacks. Even though everything seems okay with your computer, the threat always remains. Take a look at the next section to see a few good tips for what to do after your hacking misadventure is over. 

Tell Your Family and Friends 

With your data, hackers can entice other family members and friends to click on phishing links by pretending to be you. By letting your inner circle know that you’ve been hacked, you can stop anyone close to you from being a victim themselves. 

Monitor Your Accounts Closely 

Keeping an eye on your accounts is already an important prevention step, but in the wake of a cyber attack, it is extra important to monitor for any unusual activity. By staying up to date on your accounts, you can catch any unlawful use of your account early and stop it before it causes too much damage. 

Run Periodic Malware Scans 

Make computer scanning a ritual. Every few days, schedule your computer to monitor for any suspicious files or malware to keep yourself up to date on the health of your PC. Powerful scanning software can not only identify malicious software but it can contain and destroy it as well. 

Bonus: How to Prevent Further Attacks 

Now that you know what it’s like to be hacked, chances are you never want to go through that again. Taking proactive steps toward protecting your online data is the best way to prevent hackers from accessing your information. Check out the five items below to start arming yourself against cyber security threats. 

Install Tools That Will Help You 

There are a plethora of tools available to use to impede hackers from getting control of your information. By using even just one of them, you bolster your defense against malicious intruders. 

One of these tools is a firewall. Most operating systems have a built-in firewall but stronger options exist that are designed to create a shield around your information. Firewalls stop free access to your information networks when turned on. 

You can also employ antivirus and anti-spyware software. Viruses and spywares are malicious programs that destroy the functionality of your computer as well as access your private data.

Both antivirus software and anti-spyware software detect immediate threats to your information and your computer and alert you to any breaches. Although there are many free options, higher-tier software will automatically scan your computer and update to account for emerging threats in the cybersecurity field. 

Set Up Two-Factor Authentication 

We have already talked about strengthening your password, but sometimes a second layer of security goes miles in protecting your data. Two-factor authentication is a means to access your account in which you need your password and a second data input, typically a randomly generated numerical code sent to your phone or email. This randomized “password” prevents hackers from knowing your information and prevents them from accessing your account. The more hurdles a hacker has the jump over to get your information, the less likely they are to succeed. 

Identify and Dispose of Spam 

Earlier, we discussed identifying malicious emails and messages, but spam comes in all sorts of shapes and sizes. Sometimes the best defense is being suspicious. Make sure every message you open is legitimate by comparing it to available data. Did you get an email from a friend out of the blue? Check to see if their name is spelled correctly. Is your bank spending you a message about a potential breach? Look up the name of the sender and see if they are associated with the company. By being vigilant, potential victims can mitigate cyber security threats. 

Regularly Backup Your Computer 

When disaster strikes, the odds of getting your files and data back can greatly diminish. By backing up your information regularly, you always have a cache of saved data that will be unaffected by hacking attempts. Even in the worst case scenario, if a hacker destroys the functionality of your computer, you can always refer to your reserved data. Many times, these files can be stored externally on a harddrive or on a cloud database to prevent direct interaction of any potential hacker. 

Use Encryption 

Encryption is a method of disguising data so that only known members of a system can access the information. This essentially means that in order to access a database, a network, or a computer, one has to know how to read the scrambled data. This prevents hackers from understanding the encrypted language without the use of a cryptographic key. 

Authorized members of a network are assigned the cryptographic key which is set of numerical data that deciphers the encrypted code. Popular encryption tools include BitLocker or FileVault. 

To further your protection, try to navigate only to encrypted sites or shop online at store that guarantee encryption so your data can stay safe and away from the wrong hands.