Target, Home Depot, Sony, and many more have something in common. Someone inside their networks, either an employee or a third-party supplier, opened the door and gave hackers free rein.
Of course, anyone who unsuspectingly clicks a malicious link hasn't deliberately put their company at risk. It also does the boss no good to single out and punish the employee.
What will lessen the chance of this happening is if your company actually invests money in its IT, rather than just paying lip service with an anti-virus here and a firewall there. That may be okay for one computer, but if you have more than one synced to a server, installing more than one layer of security will make it more difficult for the bad guys to sneak in.
The other thing you can do is train your staff to be more diligent about what might be construed as a phishing link, whether it is in their social media feeds, email, or from an online search for information. They should also be trained on the art of making up a password. If you have to tattoo it to your elbow to remember, so be it, but the simpler and more obvious the password, the wider the door has been left open.
Alex Holden sniffed out a group of Russian hackers who infiltrated 420,000 websites, stole the credentials, and used them for their spam campaign. In an interview with +Mitch Jackson on +Human.Social he lists the steps you must take if you think you've been hacked.
1. Assess the situation. What was taken? How was it taken? Was there more than one entry point?
2. Preserve the evidence.
3. Get the right people to advise you.
4. The process of recovery is a delicate one and cannot be rushed.
Here is the entire interview.