Most traditional WiFi access points have to partially let a user onto the network, before checking their credentials. Allowing hackers this foot in the door often leaves you open for attack, but so do human mistakes like sloppy password security procedures.
Either way, if you discover your WiFi network has been hacked, you need to move quickly.
As with any break-in, you need a list of everything that was stolen or tampered with. Your server records should have most of that information, along with details such as the IP address the attack came from. It's vital you capture this information ASAP. Most of your clues will be there, both to who did it and what was done to you.
At this point, two things need to happen, so these should be concurrent if at all possible:
Your networking team should now be focused on one thing: finding how the intruder got into the system. There is a hole that needs to be plugged, as quickly as possible. This is especially true given the number of remote monitoring and controlling 'bots' there are in circulation right now. That hole in your WiFi network may be leaking your secrets as long as it stays open.
For simplicity, let's say there are two basic questions you need to answer, and quickly.
Was any consumer data compromised?
and
What data protection regulations are involved?
If you're in a situation where the public should/must be advised of your attack, you will always look better the more quickly you come forward with it. Attempting to cover up an intrusion where any consumer data was compromised, even email addresses, is generally not a good idea. In many cases, it's outright illegal. Either way, if it becomes public anyway, it's a PR nightmare.
Beyond getting the initial attack and its effects handled, remember to address the initial cause of the problem. What changes in your procedures would have prevented the attack in the first place? If there was a human element involved, such as a stolen password, would more training on data security help? A legitimate good-faith effort to root out the problem helps you in the long run, as well as making you appear genuine in the public sphere.
You might even consider upgrading to distributed vWLAN networks, which remove virtually all the security holes that plague traditional WiFi access gates.
If you want a great guide to what to do and not do, look to Sony's performance in the wake of their 2011 hack attack: They were initially criticized for sitting on the information for a week, but then, they thoroughly addressed the problem, properly notified customers, and threw in a lot of freebies on top. Aside from waiting too long for disclosure, their response is often hailed as model.
There are solutions out there that can help reduce the risk. Contact uswe can help you
explore the options.