An Information Security Incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard computer security practices.. Incidents that should be reported include, but are not limited to:
- Attempts (either failed or successful) to gain unauthorized access to a system or its data
- Unwanted disruption or denial of service
- Unauthorized use of a system for processing or storing data
- Changes to system hardware, firmware, or software characteristics without the owner's knowledge, instruction or consent
Please report any potential information security problems immediately, as timely reporting allows the UA Information Security team to determine if further investigation is necessary, and limits any further damage or loss of data.
Important: If the incident poses any immediate threat to life or property, call 911 to contact law enforcement authorities immediately.
IF YOU ARE REPORTING A PHISHING EMAIL, YOU DO NOT NEED TO SUBMIT AN INCIDENT FORM. INSTEAD, PLEASE DO THE FOLLOWING:
- Check our phishing alerts to see if the phish has already been reported. If it has been reported, please delete the email. No further action is required.
- If it has NOT been reported, please forward the email to our office using one of the following methods:
- If possible, send the suspicious email as an attachment to firstname.lastname@example.org, and include the "subject line" in the incident form below with an explanation that you are forwarding the email as an attachment. For instructions on forwarding the email as an attachment, go to http://security.arizona.edu/forwarding-phishing-email-attachment-guide.
- If you are unable to forward the email as an attachment, please copy the full email headers into the field under "Describe security-related concerns." For instructions on accessing headers, go to http://security.arizona.edu/full-email-headers-guide.
* Required Item