2. Secure your accounts
Once you’ve confirmed that a cyberattack has occurred, protecting your accounts and login information is the next priority. This means not just for the app or account that is currently under threat, but also for all of your sensitive accounts. If a hacker knows one email and password, there’s a good chance they’ll try that combination for multiple accounts, putting even more of your data at risk.
What to do next? Before you rush to change all your passwords, it’s worth running a comprehensive antivirus program to make sure your business devices are still secure. Once you are satisfied that they are secure, create new and unique passwords for all your accounts, preferably passwords that are difficult to guess. a random string of letters, symbols, and numbers is ideal, even if it’s hard to remember. It’s important to get your team to do the same thing with all their passwords, especially if you’re not sure which accounts are vulnerable. This is also a great time to ensure everyone has features like two-factor authentication enabled for their accounts, so future unauthorized login attempts are met with an extra layer of security. Above all, if you are seriously concerned about the scale of the incident, contact your IT team or an external managed service provider (MSP) to temporarily shut down your entire IT system as soon as possible.