Report an IT Security Incident

Report an IT Security Incident

An IT security incident is any event that has or is likely to result in the compromise of the confidentiality, availability, or integrity of University information or a device that processes, stores, or transmits it.

An IT security incident may occur for a variety of reasons:

If you know or suspect that an incident has occurred, take these steps:

  1. If a device such as a computer has been compromised,
    1. Disconnect it from the network.
    2. Keep the device powered on.
    3. Try to preserve the current state of the device; don't change anything you don't have to.
  2. Tell your local IT Professional or Central IT immediately. Provide as much information as you can about the incident (e.g., when you noticed it, what appears to be affected, what kind of data is on the device, etc.).

The table below offers more information about how to report specific types of incidents.

Incident What you need to do
Security breach
(detected by unit)
  1. Notify IT via TDX.
  2. Breach notification procedures must be followed if sensitive University information is stored on or accessible from the compromised system.
Security breach
(detected by IT)
  1. IT disables the system's network connection and notifies the unit's IT professional or other administrative contact of the incident. Systems must be left on and unplugged from the network.
  2. The unit determines if high-risk confidential or PII is present.
  3. Incident escalation procedures must be followed if sensitive University information is stored on or accessible from the compromised system.
  4. The unit describes any actions taken to clean the system. IT re-enables the system's network connection.
Phishing Forward suspected phishing emails to for investigation and inclusion on the Secure UD Threat Alerts blog. Include the email headers where possible.
Device Theft
  1. Report theft to Public Safety at (302) 831-2222.
  2. If sensitive University information was stored on the device, notify IT via TDX.
Copyright infringement Send email to IT Security
Electronic threats to personal safety Call Public Safety. Emergency calls, dial 911. Non-emergency calls, dial (302) 831-2222.
General security incidents Notify IT via  TDX. Include intact firewall logs or other evidential matter in your email.
Spam Forward any spam received to the Federal Trade Commission, making sure you include the full email header, which is required to investigate the complaint.
Internet fraud Contact the Internet Crime Complaint Center (IC3), or use the FTC Consumer Complaint form to report a company or organization.