Report an Incident
Information security incidents are part of our current environment and can happen to anyone. If you believe an incident has or may have occurred:
- Don't try to address or solve the incident on your own.
- Immediately contact us at the CES Security Operations Center using the links below.
- Please report the incident to your management chain.
- Cooperate with any analysis or investigation that may follow.
If you need to report a suspicious email, follow the instructions on our phishing page.
Security Incident FAQs
Toggle ItemWhat is a security incident?
An information security incident is defined as an attempted or successful unauthorized access, use, disclosure, modification, or destruction of information; interference with information technology operation; or violation of acceptable use policies. An IT security incident is any event that has or is likely to result in the compromise of the confidentiality, availability, or integrity of university information or a device that processes, stores, or transmits it. Examples of information security incidents include, but aren’t limited to:
- Unauthorized attempts (failed or successful) to access, use, modify, disclose, or destroy information, information systems, architecture, and applications.
- Loss or disclosure of sensitive university information. • Unauthorized access (or attempted access), use of or changes to system firmware, software or hardware.
- Violation of acceptable use policies for university information or technology.
- Interference with the operation or intended use of university information technology resources, including a denial of service attack.
- Loss or theft of a university-owned device, or a personally-owned device that contains university data.
- Unauthorized access to or exposure of sensitive information, such as Social Security numbers, whether accidental or intentional.
- Unauthorized use of user credentials or impersonating another university user.
Toggle ItemWhat are some indications that my account may be compromised?
- Your contacts are receiving emails that you did not send.
- Changes have been made to account that you did not make.
- A pop-up window instructs you to call a number for ‘help’ or to update your software.
- Changes appear to your class schedule, personal information or financial aid that you did not initiate.
- Unwanted browser toolbars appear, or web searches are redirected.
- Friends receive social media invitations you didn’t send.
- Your password doesn’t work.
- Unfamiliar software is installed unexpectedly.
Note: This list is not all inclusive
Toggle ItemWhat should I do about a missing or stolen device?
In any incidents of physical threats or theft of equipment, report the incident to the police.
On Campus BYU Police 801-422-2222 Off Campus Provo City Police 801-852-6210
If the incident involves a university device or a personal device storing sensitive university information, then notify the OIT service desk as well by calling 801-422-4000 or starting a live chat.