Information Security Incident Reporting

Last updated: 2023-09-21
Was this article helpful?
4 of total 4 found this helpful.

A security incident is any attempted or actual unauthorized access, use, disclosure, modification, or destruction of information. This includes interference with information technology operation and violation of campus policy, laws or regulations.

Examples of security incidents include:

  • Computer system breach
  • Unauthorized access to, or use of, systems, software, or data
  • Unauthorized changes to systems, software, or data
  • Loss or theft of equipment storing institutional data
  • Denial of service attack
  • Interference with the intended use of IT resources
  • Compromised user accounts

Information Security Incidents include:

  • Unauthorised access attempts (hacking)
  • Unauthorised scanning of networks or computers
  • Denial of service (DoS) attacks
  • Defacement of websites
  • Theft, or loss of critical data or IT equipment
  • Disclosure of private information
  • Disclosure of passwords or other authentication credentials
  • Unmanaged virus or malware infections
  • Any other suspicious events or queries.

What to include in reports:

Please supply as much information as possible about the incident. This might include:

  • Times and dates of events
  • IP addresses or hostnames of computers
  • Usernames or identification of people
  • Operating system or software versions
  • Any error messages or behaviour displayed
  • Contact details where we can reach you for follow-up
  • Please do NOT include passphrases, PINs or other private information.