Report an IT Security Incident
An IT security incident is any event that has or is likely to result in the compromise of the confidentiality, availability, or integrity of University information or a device that processes, stores, or transmits it.
An IT security incident may occur for a variety of reasons:
- A hacker bypasses cyber security features to acquire sensitive information.
- A device containing sensitive information is lost while on a business trip.
- A file containing sensitive information is stolen from an office.
If you know or suspect that an incident has occurred, take these steps:
- If a device such as a computer has been compromised,
- Disconnect it from the network.
- Keep the device powered on.
- Try to preserve the current state of the device; don't change anything you don't have to.
- Tell your local IT Professional or Central IT immediately. Provide as much information as you can about the incident (e.g., when you noticed it, what appears to be affected, what kind of data is on the device, etc.).
The table below offers more information about how to report specific types of incidents.
|What you need to do
(detected by unit)
(detected by IT)
|Forward suspected phishing emails to firstname.lastname@example.org for investigation and inclusion on the Secure UD Threat Alerts blog. Include the email headers where possible.
|Send email to IT Security
|Electronic threats to personal safety
|Call Public Safety. Emergency calls, dial 911. Non-emergency calls, dial (302) 831-2222.
|General security incidents
|Notify IT via TDX. Include intact firewall logs or other evidential matter in your email.
Forward any spam received to the Federal Trade Commission, making sure you include the full email header,
which is required to investigate the complaint.
|Contact the Internet Crime Complaint Center (IC3), or use the FTC Consumer Complaint form to report a company or organization.