Search This Site

 

Main menu

Information Security Incident

Any event that, regardless of accidental or malicious cause, results in:

  • disclosure of University data to someone unauthorized to access it,
  • unauthorized alteration of University data,
  • loss of data which the University is legally or contractually bound to protect or which support critical University functions,
  • disrupted information technology service,
  • a violation of the University’s information security policies.

Examples of such incidents include, but are not limited to:

  • Malicious software installations on electronic devices that store University data not routinely made available to the general public, e.g., employee evaluations, or data the University is legally or contractually bound to protect, e.g., social security numbers, credit card numbers, Protected Health Information (PHI), research data, etc.
  • Loss or theft of electronic devices, electronic media, or paper records that contain University data not routinely made available to the general public or data the University is legally or contractually bound to protect.
  • Defacement of a University website.
  • Unauthorized use of a computing account.
  • Use of information technology resources for unethical or unlawful purposes (incidents involving employees and pornography should be reported directly to University Human Resources).
  • Contact from the FBI, Secret Service, Department of Homeland Security or other law enforcement organizations regarding a University electronic device that may have been used to commit a crime.

Report an Information
Security Incident

Please report any level of incident, no matter how small. The Information
Security office will evaluate the report and provide a full investigation if appropriate.

Complete Report Form