Reporting a Computer Security Incident
What is a Computer Security Incident?
A computer security incident is any attempted or successful unauthorized access, disclosure, or misuse of computing systems, data or networks (including hacking and theft).
A computer security incident may involve any or all of the following:
- a violation of campus computer security policies and standards
- unauthorized computer access
- loss of information confidentiality
- loss of information availability
- computer/device theft
- compromise of information integrity
- a denial of service condition against data, network or computer
- misuse of service, systems or information
- physical or logical damage to systems
Examples of computer security incidents include but are not limited to:
- lost or stolen equipment
- presence of a virus or spyware or any other malicious program, including alerts from your antivirus software that your computer may have malware
- sudden appearance of unexpected/unusual programs
- posting of confidential/restricted data to a publicly-accessible website
- inadvertent sending of restricted data to unauthorized recipients
- establishment of an unauthorized account for a computer or application
- unusual network connections to a computer
- sharing/revealing passwords
Theft of Computing Equipment
Report suspected theft of SUNY Cortland-related computing equipment to the police in addition to notifying the The Help Center and your supervisor.
- On-campus theft: Contact the University Police Department at 607-753-2112
- Off-campus theft: Contact local police
- Be sure to tell The Help Center if the stolen equipment contains any sensitive information
Checklist for Lost or Stolen Mobile Devices
- Immediately report lost or stolen devices to the police
- Report to the University Police Department for campus incidents and local police for off-campus incidents (phone is best)
- Always get an incident or report number
- Call them back if the item is found, including if a separate agency contacts you regarding a found device
- If you used the device for work
- Also report it to The Help Center so they can help identify and address potential compromised accounts or data
- Notify your supervisor if it was a college-owned device
For phones, notify your cellular carrier — see if they can deactivate the device
- Change all passwords stored or used on the device, including email, Dropbox, banking, etc.
- Notify credit card companies and banks if you used the device for shopping or banking
- Try to track its location, if possible
- Try remote wipe if sensitive data or passwords were stored, if the device contained college owned data Information Resources where appropriate and available may wipe the device remotely.
Reporting Spam and Phishing (email)
For Phishing (email scams) please reference the how to report a phish site..
Content referenced from our friends at the
Information Technology Services (ITS) at UC Santa Cruz
- Report anything unusual. If it sets off a warning in your mind, it just may be a problem. Don’t ignore it!
- Immediately report suspected security incidents and breaches to your supervisor and The Help Center. Be sure to indicate whether sensitive information may be at risk.
- If you think your computer has been compromised, or someone might be accessing your computer remotely, it is best if you can unplug the network cable (and turn your wireless off, if you have it) and leave the computer on until help arrives.