Report an Information Security Incident
Para ver la informacion de esta pagina en Español seleciona Español en el menú debajo.
- Security Incident Report Form (CruzID Gold password required)
- Email: help@ucsc.edu
- Phone: 831-459-4357
What is a Security Incident?
A security incident is any compromise of the privacy, integrity, or availability of institutional information or IT resources. Security incidents include cyberattacks, such as a compromised system, and physical violations, such as computer theft. Other kinds of security incidents include physical break-ins, policy violations, and privacy violations.
All UC Santa Cruz employees and contractors must promptly report violations. If you suspect or witness a security incident, report it as soon as possible to your supervisor and the ITS Support Center. Be sure to indicate whether sensitive information may be at risk.
Types of Security Incidents
Cyberattacks
A cyberattack is any attempted or successful unauthorized access, disclosure, or misuse of computing systems, data, or networks.- Beware of signs your computer might be infected.
- If you think your computer has been compromised, or someone might be accessing your computer remotely, it is best to unplug the network cable, turn wireless off, and leave the computer on until help arrives.
- Report phishing scams to Google.
Computer Theft
Computer theft includes personal and UCSC-related computing equipment, including mobile devices.
- Report suspected computer theft to the police, Risk Services, the ITS Support Center, and your supervisor. On-campus theft: Contact the UCSC Police Department at 831-459-2231.
- Off-campus theft: Contact local police.
- For university-owned devices, report a claim through Risk Services.
- Be sure to tell the ITS Support Center if the stolen equipment contains any sensitive information.
- See the checklist for lost/stolen mobile devices on the Protecting Mobile Devices page.
Other Security Incidents
Other security incidents that should be reported include:- Physical break-ins. Even if you are unsure what, if anything, was compromised or taken.
- Policy violations. A situation that involves willful or unintentional violation of information security policies.
- Privacy violations. Any suspected or actual exposure of personal information in violation of an individual’s right to personal privacy.