Reporting fraud and what to do if you've been hacked
You should take steps to protect your business if your website or networks have been:
- hacked
- infected by malware
You can find guidance on the National Cyber Security Centre website about planning your response to a hacking or malware incident, if you're a:
- smaller business
- larger business
- board member
Passwords
If you, or a member of your staff, think their password has been hacked, you should change the password immediately and report this to your IT department.
If the password is for a bank account, you should contact the bank straight away.
Reporting
You can report fraud or online crime, involving any incidents of hacking or malware to Police Scotland:
- by telephone 999 (emergency) 101 (non-emergency)
- in person at any police station
You might also need to get in touch with your customers or suppliers if their data has been stolen or lost.
There are some incidents that organisations need to inform the Information Commissioner's Office (ICO) about. This includes a personal data breach under GDPR or Data Protection Act 2018.
A personal data breach is a breach of security that means personal data is accidentally or unlawfully:
- destroyed
- lost
- changed
- disclosed
- accessed
You can complete an assessment to find out if you need to report to the ICO on the ICO website.
Cyber-security Information Sharing Partnership
The Cyber-security Information Sharing Partnership allows businesses to share information about online threats. It's run by businesses and the UK Government.
There is a problem
Thanks for your feedback