Call your IT manager. These people will (probably) know what to do, provided they are familiar with the matter. Calling in your IT party, internal or external, is the first step. They will find out where the hack took place, know how to stop it immediately or cut it off and make sure the damage is limited as much as possible. You also want to secure data about the hack, such as log files of servers, network equipment, etc. This way you can also find out what went wrong or discuss this with a specialised security company (e.g. Northwave). This may also be important to see how you can prevent further security breaches and your insurance may ask about it.