UD Seal
Report an IT Security Incident

Report an IT Security Incident

An IT security incident is any event that has or is likely to result in the compromise of the confidentiality, availability, or integrity of University information or a device that processes, stores, or transmits it.

An IT security incident may occur for a variety of reasons:

These kinds of events represent great risk to many parties. Risk may be legal, financial, operational, or reputational. It affects the University as a whole and any individuals or other organizations that have a stake in the resources compromised.

Follow the procedures below to appropriately report IT security incidents.


Incident What you need to do
Security breach
(detected by unit)
  1. Notify IT via email to IT Security.
  2. Breach notification procedures must be followed if sensitive University information is stored on or accessible from the compromised system.
Security breach
(detected by IT)
  1. IT disables the system's network connection and notifies the unit's IT professional or other administrative contact of the incident. Systems must be left on and unplugged from the network.
  2. The unit determines if high-risk confidential or PII is present.
  3. Breach notification procedures must be followed if sensitive University information is stored on or accessible from the compromised system.
  4. The unit describes any actions taken to clean the system. IT re-enables the system's network connection.
Phishing Report phishing scams to IT for investigation and inclusion on the Secure UD Threat Alerts blog.
Device Theft
  1. Report theft to Public Safety at (302) 831-2222.
  2. If sensitive University information was stored on the device, notify IT via e-mail to IT Security.
Copyright infringement Send email to  IT Security
Electronic threats to personal safety Call Public Safety. Emergency calls, dial 911. Non-emergency calls, dial (302) 831-2222.
General security incidents Contact the IT Support Center. Include intact firewall logs or other evidential matter in your email.
Spam Forward any spam received to the Federal Trade Commission, making sure you include the full email header, which is required to investigate the complaint.
Internet fraud Contact the Internet Crime Complaint Center (IC3), or use the FTC Consumer Complaint form to report a company or organization.