Report an Information Security Incident
You can report a potential information security incident by email to security@ohio.edu, or by phone to 740-566-7233. If the incident involves life or safety, call 911 immediately. When reporting by email, provide relevant details and the Information Security Office will contact you with next steps.
What is an Information Security Incident?
An information security incident is anything that indicates a threat to computer systems or university data. This is not a complete list, but includes:
- Unauthorized use of university computers.
- Log in attempts (successful or not) to gain access to someone else's account.
- Improper or unauthorized use of sensitive data.
- Theft of a university-owned device, or the theft of a personally-owned device that contains university data.
- Anything that diminishes the confidentiality (measures taken to ensure privacy), integrity (verifies accuracy, consistency, and trustworthiness of data), or availability (accessibility of systems when you need them) of university data and systems.
If a computer, server, or other device is involved, leave it powered on and contact us immediately by phone. The only change you should make to the device is to disconnect it from the network (unplug the network cable or turn off WiFi) - any other attempts to use or clean the device may interfere with our ability to determine the severity of an incident. Do not use the device until the Information Security Office confirms that it's OK to do so.
Examples of Potential Information Security Incidents
- Email forgery that appears to be sent from an ohio.edu email address. To report these messages, forward the email as an attachment to security@ohio.edu.
- Exposure of sensitive university data, either accidental or inadvertently.
- Threats to individuals. If you fear for your safety, call 911.
- A pop-up on your device demands you pay a ransom to access your data.
- Misuse or abuse of university accounts and passwords to gain access to systems or data that the person is otherwise unauthorized to access.
This is not a complete list. If you are unsure if what you experienced or witnessed is an incident, contact the Information Security Office.