My Website Was Hacked – Now What?!

43% of small biz owners have no cybersecurity plan in place.

BullGuard Study, 2020

With lower barriers to entry, more and more small businesses launch online every day. Unfortunately, most of those new business owners never think about protection for their own or their customers’ data. With no plan, a cyberattack is just a matter of time. So what do you do if your website was hacked?

When your site goes down – or when you find porn links plastered across your home page, as one of our nonprofit clients did – you feel frustrated, angry, and violated. After all, someone has infiltrated your digital real estate, and that’s the same as kicking in the front door of your home or physical business location.

47% of small businesses have no idea how to protect themselves against cyber attacks.

Keeper Security, 2018

The first thing to understand is that in almost all cases, it’s not personal. It’s a crime of opportunity. Think of a group of teens roaming through a parking lot at the mall, checking car doors to see which one is open. It’s certainly malicious activity, but generally not motivated by anything more than greed or boredom.

On your website, this usually takes the form of a brute force attack – banging at your front door with alternating passwords until they find a way in. Hackers run programs that sniff out outdated software and weak passwords on website admin pages. Like most business leaders, you’re working hard to serve customers, manage their teams, and grow your sales. That also means you’ll likely ignore website maintenance and security until it’s too late. Once your website is hacked, it’s a race against time to resume normal operations and remedy revenue losses.

What to Do When Your Website is Hacked

Step 1: Get help!

As soon as you notice that something isn’t right, or your site isn’t available, reach out to a qualified professional to assist with protecting your digital assets from the attack and hardening your security. Companies like Sucuri and MalCare are great at sniffing out and resolving active attacks. Sucuri offers plans to actively monitor your site security, and MalCare offers plans with a WordPress plugin that will leave more control in your hands.

Step 2: Stay Protected

First, change your website and email passwords to something strong and easy to remember. We recommend a sentence or phrase 3-5 words long, no spaces, using special characters for some letters. Then, make sure you get ongoing protection. A website care plan ensures that your website is monitored and protected around the clock, and that essential software updates and backups are taken care of promptly.

Beware of Emails, Too

More than 30% of small businesses fall for phishing traps.

Verizon Data Breach Investigations Report

An even bigger problem than brute force attacks is phishing. In fact, the most popular security traps for small business owners are email and social phishing scams. Be vigilant, and be skeptical of quizzes and “special offers.”

Don’t let negligence or anxiety about your tech skillset keep you from protecting yourself – and your clients – from data attacks and loss.

Get our best advice in your inbox! Learn to market like a team even if you're a solo empire.

Get twice-monthly tips and techniques for building a marketing program that grows with you. Each email delivers advice for managing content, distributing your message, and a few extra perks you’ll just have to sign up to see!

ContComp Blog Subscribe

You might find these helpful, too:

This site uses cookies.

Our website stores cookies on your computer. These cookies are used to collect information about how you interact with our website, allow us to remember you, and help provide you with a great user experience.

Speak directly to the clients you want.

Subscribe for strategies to increase your sales opportunities.


We’ll also invite you to webinars and offer our services. The power is in your hands, unsubscribe anytime.