What to do in the first 10 minutes, 10 hours, and 10 days — without panic
What to do if you’ve been hacked: a calm, step-by-step guide for business owners, family offices, and HNWIs to contain, assess, and prevent further damage.
It wasn’t dramatic.
No black screen. No ransom demand. No “system compromised” alert.
Just a bank notification that didn’t make sense. An email you never sent. A password reset you didn’t request.
And suddenly, you’re not wondering if something happened.
You’re wondering how bad it is.
If you’ve ever had that moment or want to be prepared in case you do, this guide is for you.
First: Pause. Then Contain.
In the first 10 minutes, here’s what we recommend
In the First 10 Hours: Lock It Down
Change passwords from a clean, secure device
Focus on your email, financial accounts, cloud storage, and shared platforms first.
Turn on multi-factor authentication (MFA)
If it wasn’t already enabled, this is your moment. It’s one of the most effective tools you have.
Review login history and inbox rules
Many attacks involve email forwarding rules or access from unfamiliar devices. These often go unnoticed until it’s too late.
Notify your bank or financial institution
If there’s even a chance of exposure, flag it. Many institutions have proactive fraud protocols and can help you secure accounts immediately.
Over the Next 10 Days: Investigate and Strengthen
Bring in a trusted cybersecurity partner
Someone who can look at your digital environment holistically not just the software, but how people, devices, and habits intersect.
Audit who has access to your systems
That includes assistants, accountants, vendors, service providers, or anyone else with login credentials.
Review personal and home networks
Especially if you have multiple properties, smart home systems, or staff who work across locations.
Evaluate how you share sensitive information
Is your calendar public? Do vendors use secure channels? Are personal assistants accessing accounts on unsecured devices?
Want to start with something simple? How secure is your personal assistant?
You Might Not Know the Full Extent — Yet
This is what makes modern breaches so difficult: They’re often invisible. There may not be any obvious signs but credentials could still be exposed. Accounts could still be monitored. Sensitive information might still be in the wrong hands.
And if someone was in, your goal isn’t just to lock them out. It’s to understand what they touched and make sure the door doesn’t swing open again in the future.
You Don’t Need to Know Everything. You Just Need Clarity
We’ve worked with clients across industries, lifestyles, and business models. Entrepreneurs. Private households. Multi-property families. Some with internal IT. Many without.
What they all have in common:
A desire to stop guessing and start seeing clearly.
You don’t need to become a cybersecurity expert.
You don’t need to panic.
You just need a second set of eyes — someone who’s seen what others miss.
And when you're ready for that deeper look — digital, physical, or both — we're one call away.
