Report A Security Incident
Experiencing an actual or suspected information security incident? This page contains guidance on how to report different types of incidents, as well as tips on what to do (and what not to) based on the situation. Reporting incidents helps minimize incident impact, while also helping UCI strengthen our defenses against future incidents. Thank you for your help in protecting our campus.
If you think your computer has been compromised and you have University restricted data such as Social Security Numbers or Personal Health Information, report it immediately.
- If it is still in your possession, remove the computing system from the campus network.
- Do not turn the system off / shut it down.
- Do not run anti-virus, anti-spyware, or other "cleaning" tools.
- Campus: Contact the OIT Help Desk at (949) 824-2222 to report that a potential data breach has occurred and request immediate notification of the OIT Security Team and the Security Breach Lead Campus Authorities. Send detailed information to email@example.com and firstname.lastname@example.org.
- UCI Health: If you think there has been a HIPAA violation, please use the confidential line to report it to UC Irvine's Health Privacy Officer at 1-888-456-7006 or contact the UCI Health Service Desk at 714-456-3333 and request the Data Security team.
- File a report with the UC Irvine Police Department.
- If you a university employee, report it to your supervisor or school administration.
- If you have university restricted data, immediately follow the data breach process above.
If you think your UCInetID password has been stolen or your account has been inappropriately accessed:
- Immediately reset your password.
- Notify the OIT Security Team by emailing email@example.com or contact the UCI Health Service Desk at 714-456-3333 and request the Data Security team.
- If you are a University employee, also notify your supervisor.
- If appropriate, file a report with the UC Irvine Police Department.
Ransomware is a form of maliciuos software that prevents a user from accessing their system, either by locking the screen or by encrypting files. The perpetrator then demands a 'ransom' payment from the victim before restoring access. If you think your system has been infected with ransomware, phone the OIT Help Desk immediately at 949-824-2222 (x2222) and email firstname.lastname@example.org.
To report spamming or other abuse from a UC Irvine system, please send an email to email@example.com.
UC IS-3 Electronic Information Security Policy, section 16.1.2 Reporting Information Security Events
- Workforce Members must promptly report known or suspected Information Security Incidents, Information Security Events, threats or vulnerabilities associated with Institutional Information or IT Resources to the Workforce Manager, Unit Head or CISO.