How to tell if your business has been hacked

Chloe Bell
By Chloë Bell, Content Journalist

Having your security hacked can be a stressful experience. But when you run a business, it can be even more serious as the hacker can gain access to your customer details and personal information. This can have a negative effect on your reputation and customer base.

Hackers also have the potential to meddle with your finances, impersonate your business and cause lasting damage. So, to help you keep savvy online, Bionic has written up a guide to hacking to help protect your business online from scammers. 

A computer screen shows a 'system hacked' error message on it in orange lettering

What is hacking?

Hacking is where a person gains access to a computer or data system without permission from the owner. They’ll then identify weaknesses in your business site or security and play on these to gain unauthorised access to personal or business data. 

The main thing you should put in place is a good security system and ensure that you are being as safe as possible when using the internet. Unfortunately, sometimes even the best security systems can be compromised by hackers. To find out more about keeping your business secure online, check out our guide to Internet Security

Why do hackers target businesses?

Sometimes hackers target businesses for a specific reason. Sometimes it can be because they’ve done in-depth research and found that a particular business would be an easy target because of a lack of security. However, at other times, businesses could be hacked by pure chance and luck from the hacker's side.

A hacker usually targets a business to steal money, commit identity theft or carry out other fraudulent activity. However, some hackers want confidential customer details stored by a company to sell to the highest bidder.

How can hacking affect a business?

There are a lot of ways hacking can negatively affect your small business. Other than hitting pause in the daily running of your business, there are a few short and long-term consequences.

Identity Theft

The hacker could bypass your security and commit identity theft. Businesses usually have secure information — such as customer credit cards and account details — stored online. 

There’s potentially other personal employee information — like national insurance numbers, home addresses and health care information — on file. A computer hacker can access this sensitive information, which in turn could lead to identity theft. This may not only be harmful to your employees and current customers but also to your business' reputation.

Website Security

Computer hackers can damage websites, usually with a virus. These viruses are able to destroy data and put website security at risk.  

Some viruses can be so malicious that the data they destroy can't be recovered, resulting in you needing to build your site again from scratch.


A hacker could potentially tap into your email and impersonate your business, contacting your customers, staff or suppliers.

By accessing the email accounts of employees, hackers can often steal confidential documents and personal information that can be used against your business. 


Hacking can hugely affect your business’s credibility. If your customers have had their information stolen, they're likely never to do business with you again. They may claim compensation and if the story gets out to the local press, then your business could suffer from extremely bad publicity. 

What are the main types of hackers?

There are a few main types of hackers, not all of them are malicious and some actually work to protect your business. 

  1. White-hat hackers — White hat hackers are ethical security hackers who identify and fix issues. They hack with the permission of your business and uncover any weaknesses that may leave you vulnerable to malicious hackers.  
  2. Grey-hat hackers — Grey hat hackers may not have malicious intent but usually, they don’t have the consent of the businesses they hack into. Usually, when grey hat hackers uncover weaknesses in a site or system, they report them. However, they are not ethical as they often demand payment in exchange for providing details.
  3. Black-hat hackers — Black hat hackers are online criminals who illegally hack into systems with malicious reasoning. When a black hat hacker finds a security hole, they exploit it by planting a virus or another form of malware.
  4.  Green hat hackers — Green hat hackers are often inexperienced hackers, they rely on phishing and online scamming.
  5. Blue hat hackers — Blue hat hackers are essentially white hat hackers but they are employed by a business to improve their online security.
  6. Red hat hackers- Red hat hackers are sometimes known as vigilante hackers. They fight against black hats by hacking into their communities on the dark web. Their aim is to put a stop to the illegal activity of Black hat hackers.

How to know if your business has been hacked

There are a couple of ways you can tell if you’ve been hacked. Keep an eye out for the following:

  • Irregular changes to files — If changes are being made on your computer (for example if folders have been deleted or renamed) and you and your staff aren’t responsible, then you might have been hacked. 
  • Spam emails sent from internal email accounts — If your customers are receiving odd mail from you. This could be asking them to pay extra for delivery or confirming receipt of an order without making one among others.
  • Unusual financial activity — If financial exchanges are being made that you have not authorised. 
  • Unplanned software installation —If icons appear on your desktop and you don’t know where they came from or software updates appear and there’s no option to decline.
  • Problems with software and technology — If your devices start running slow for no apparent reason.

How to know if your business has been hacked

If you’ve noticed any of the above changes, it’s important to know what to do in order to protect your business. 

Spot the signs

If you spot that something isn’t right, then make sure you jump into action immediately. The longer you ignore a potential security threat, the more damage will be done in the long run.

It’s wise to use an external security checker regularly, then, they can notify you of any changes or security breaches. However, if this isn’t feasible, learn the signs above and keep a check on your own systems to recognise the signs. 

Report a data breach and notify your IT team

If you’ve identified a breach, you must notify your IT team immediately to see if they’ve noticed anything going wrong with the system. They will be able to help safeguard against any information getting taken from your business. 

Let your insurer know

Contact your insurance company immediately. If you have a cyber insurance policy, then great, you can start the claims process and limit any financial loss. If you don’t, you might want to look into it as it can really help if you find yourself threatened by online hackers. Check out the Bionic Business Insurance service page to find out more. 

Investigate the incident

You must then try to uncover what caused the breach and stop it from happening again in the future. The loophole that allowed the hacker to infiltrate may have been down to staff error, a targeted attack or something completely out of your control, but it’s best to uncover the cause. 

You may want to work with an external consultant who can help you to understand what went wrong. This can be useful for a business as a pair of fresh eyes can often uncover things you and your team may have overlooked. 

Keep your employees updated

You should always keep your staff in the loop and train them on how to recognise if something isn’t right. Tell them to look out for odd email activity with attachments or links. These are common ways hackers can get into your business system. 

Protect from future attacks

The rebuilding process can be tough, but it’s important to fix any issues moving forward so that your business is as strong as possible for the future. See if there are any systems that can be updated or changed to limit security loopholes.

How to protect your business from hackers

But how exactly can protect your business from future hacks? There are a few things you can do.

  • Train your team to identify signs of a hack — If every staff member is well trained on the protective steps and security measures, there will be more people looking out for a breach.
  • Carry out good password hygiene — Change your username and password on a monthly or even weekly basis. Include multiple numbers, case-sensitive characters and random symbols in your password so it’s harder for hackers to guess. 
  • Keep your software up to date — Make sure to keep the software on your computer updated. You can set these up to be updated automatically if you like as it leaves you with one less thing to worry about.
  • Enable two-factor authentication —Two-factor authentication asks you to present another form of credentials before you can gain access to a site, usually via inputting a code sent to your phone. Without access to both devices, the hacker won’t be able to infiltrate your system. 
  • Install anti-virus software — Install firewall and antivirus software on all your devices. This will give you peace of mind that you’re protecting your business as much as you can.
Quote by Tom Grange, Head of Connectivity - "Although often overlooked, complicated passwords really do make it harder for hackers to gain access to your networks, so make sure your employees consider this when choosing them. Software such as LastPass alleviates the issue of remembering passwords whilst protecting them with enhanced security."

How can Bionic help protect your business?

At Bionic, we have lots of advice on protecting your business against hackers, we also compare business insurance for you.

Bionic can help you save time, hassle, and unnecessary admin when sorting business essentials too. We compare business gas and business electricity, as well as business phone and broadband to help make sure you're on the best deals for your business. Get in touch to find out more.