How do I restore my Exchange 2010 database after a hack?

Hackers corrupted my Exchange 2010 files, so now I can't open them. How can I restore my server and prevent this from happening again?

If a hacker compromises the system Exchange Server runs on, immediately take corrective actions.

Options to remediate the hack include removing the system from the network, resetting all local account passwords and the passwords for the admin domain accounts, running antimalware software to clean the system or even taking the system offline.

But once a system has been hacked, it's hard to trust that system after restoring Exchange 2010. Even if you run antimalware and get a clean bill of health, any time something with your Exchange 2010 database misbehaves, there will be concern that the hackers remain.

With Exchange Server's architecture, the physical servers are commodities that can be swapped out or replaced. To restore an Exchange 2010 database, treat the hacked server as if it failed, and perform disaster recovery steps to replace it. This gives you a clean server with a fresh installation of Exchange 2010.

Microsoft provides the following restore procedures:

Activate a lagged mailbox database copy

Using Windows Server Backup to restore Exchange data

If your Mailbox server role is hacked, you should be concerned about potential data loss in end users' mailboxes. However, the restore procedures for data loss in Exchange require that you take appropriate steps before the attack to back up your data. Even a highly available Exchange Server deployment using database availability group members to create data redundancy doesn't suffice for all scenarios. Lagged database copies and backups enable you to recover Exchange from a rogue administrator's or hacker's attack on your data.
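One way to check ahead of time that those preconditions are met, as an added example that is not part of the original answer: the function below reports, per mailbox database, whether any copy is lagged and how old the last full backup is. The function name, the two thresholds and the sample objects are assumptions made for illustration; `ReplayLagTimes` and `LastFullBackup` are the properties read from `Get-MailboxDatabase -Status` output.

```powershell
# Added example (not from the original answer). Function name, thresholds and
# sample data are assumptions; the sample objects are constructed.
# Live use in the Exchange Management Shell:
#   Get-MailboxDatabase -Status | Test-DatabaseRecoverability
function Test-DatabaseRecoverability {
    param(
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)] $Database,
        [int] $MinLagHours = 24,       # assumed policy: smallest lag that counts
        [int] $MaxBackupAgeDays = 7    # assumed policy: oldest acceptable full backup
    )
    process {
        # ReplayLagTimes holds one (server, lag) pair per database copy.
        $lagged = @()
        foreach ($pair in @($Database.ReplayLagTimes)) {
            if ($pair -and ([TimeSpan]::Parse($pair.Value.ToString()).TotalHours -ge $MinLagHours)) {
                $lagged += $pair.Key.ToString()
            }
        }
        # LastFullBackup is empty when no backup has run (or -Status was omitted).
        $age = $null
        if ($Database.LastFullBackup) {
            $age = [math]::Floor(((Get-Date) - $Database.LastFullBackup).TotalDays)
        }
        $recent = ($age -ne $null) -and ($age -le $MaxBackupAgeDays)
        New-Object PSObject -Property @{
            Database      = $Database.Name
            LaggedCopies  = $lagged -join ', '
            BackupAgeDays = $age
            AtRisk        = (-not $recent) -and ($lagged.Count -eq 0)
        }
    }
}

# Constructed sample input shaped like Get-MailboxDatabase -Status output.
function New-Pair($Server, $Lag) { New-Object PSObject -Property @{ Key = $Server; Value = $Lag } }
$sample = @(
    (New-Object PSObject -Property @{ Name = 'DB01'; LastFullBackup = (Get-Date).AddDays(-2)
        ReplayLagTimes = @((New-Pair 'MBX1' '00:00:00'), (New-Pair 'MBX2' '7.00:00:00')) }),
    (New-Object PSObject -Property @{ Name = 'DB02'; LastFullBackup = $null
        ReplayLagTimes = @((New-Pair 'MBX1' '00:00:00'), (New-Pair 'MBX2' '00:00:00')) })
)
$sample | Test-DatabaseRecoverability | Format-Table Database, LaggedCopies, BackupAgeDays, AtRisk -AutoSize
```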

