Every organization should have an incident response plan that tells employees what to do and who to contact if their system has been hacked. If you don't already have one of these plans in place, it might be because it can be difficult and intimidating to make one up from scratch.
This repo contains a Mad Libs fill-in-the-blank style Incident Response document in markdown format you can use as a starting point for building your own Incident Response Plan.