The document provides steps to take if a TYPO3 website has been hacked, including immediately taking the site offline, preparing a forensic analysis by backing up files and data, and restoring the site from backups after updating security. It also outlines information to gather about the incident and questions to consider, as well as recommendations for staying secure going forward such as changing passwords, keeping software updated, and hardening the server configuration.