Anonymous person (under a nickname) sent screenshot as a proof that they managed to gain SSH access to our production server. The screenshot is legit, information displayed in it could not be faked without actual access.
Just a proof, not some ransom request or anything equal.
What would be a smart next step? Other than checking if there are any security updates for all the software in our stack.
We are a small company and don't have any security experts, etc.