Sounding the Alarm
If you have just found out that your website has been hacked, it is time to sound the alarm and get all the reinforcements you can.
Depending on the site, and what your role is, there may be a lot of people to contact, or there may be only a few.
Contacting Your Webhost
One of the first people you will need to contact is your webhost, they are the ones that will be able to help you with a lot of what is going to be needed in the coming hours.
Depending on the hosting package you have, you may need to submit a support ticket, send an email, register for a live chat or be able to give them a phone call.
In situations like this, you realise just why it is often worth paying that small amount extra in order to make sure that you have direct phone support, rather than simply email support.
Once you are in contact with your webhost, they will more than likely have an action plan in place for situations such as these, and they will often become that reassuring third party that will help you know that everything is going to be ok.
You will need to give them as much specific information as possible, yet not overload them with unnecessary information.
This initial contact is just enough for them to start their action plan rolling. They may also need to investigate their own servers (particularly if you are on shared hosting) to make sure that a) there is no threat to other customers, and that b) the threat has not come to you because of another customer.
Contacting your Boss and Co-Workers
If you are working on your own, then you will obviously be skipping this step.
If you are working in an organization that has many people who work on the website, or who’s work is influenced by the website, then it is important to let them all know that the site has been hacked and that steps are being made to bring it back to safety.
You may be hesitant about telling your boss, but you need to remember that this is not your fault!
Your boss may need to get ready for some additional contractors to come in and help with the clean up, as well as the fact that you do not want your boss to find out from another source and then ask you why you did not inform them.
Sounding the alarm and getting all hands on deck for the cleanup is far more important than trying to keep a problem concealed until a solution has been found.
Contact your SEO Supplier
If you have an agency or a contractor, or even an employee, whose primary role is maintaining the SEO for your website, then bring them into the fray early on.
Depending on the type of hack that you are experiencing, they may have a great skill set to be able to assist in the discovery and removal process of any changes that have been made to your website.
It is also likely, that they may be one of the few people who have regular access to your Google Search Console, as this is primarily a tool used for SEO professionals to assist with their job role.
Web Security Professionals
I will go out on a limb and assume that since this hack occurred, you probably do not have a web security provider that pays regular attention to your website.
One myth that may be worth dispelling now, is that web security is an inherently expensive product/service that is only really necessary for large websites that house very important or sensitive data.
As you can now see, even smaller websites face security threats.
I would strongly recommend that you reach out to some professional website security providers and have them assist you with the coming tasks.
They will then also be able to greatly assist you in the process of setting up a better line of defense against these types of attacks occurring again.
This situation kind of reminds me of when I avoided taking my car in for a service for a very long time, right up until it finally broke down on me.
The mechanic quite rightly pointed out to me that any money that I thought I was saving at the time, was instantly lost due the fact that prevention tends to be far cheaper than a cure.
As each of these professionals and individuals start their work to fix the website, it is important that everyone stays in communication with one another. For example, if your SEO finds that there are malicious spam links in a certain folder, then everyone should be updated as to the changes that have been found.
Information such as this will help everyone else in determining what needs to be done next.
Notifying Affected Parties
This is certainly something you are not going to enjoy. If you have lost personal or financial information for your users, you have a duty of care to let them know. Likewise, if your company has a board of directors or shareholders, you have a responsibility to let them know. You will also need to let your manager or boss know also.
For financial data loss, you will need to let the users know as quickly and directly as possible; and you will also need to let your credit card processors know that you have had a breach.
For personal data loss, you will need to let your database know as quickly as possible.
Depending on how severe the data loss has been, you may wish to seek some professional assistance from a PR firm.
The next thing you will need to do is check Google Search Console.