Web sites, iphones, everything connected to the internet can get hacked. It is no surprise. There are just too many possible ways to take control. More and more, its happening via external tablets, notebooks, and the like that are brought into the workplace with a virus. Then there are people who do it maliciously because they are unhappy with their boss. If a system administrator does it, everything is potentially a loss.
That's why a question asking what are they going to do is meaningless. First, they have to find out how the system was compromised, and then plug the leak. There will be another in the future.