University of Minnesota  Procedure

Report Information Security Incidents


Expand all


Table of Contents

TOC placeholder


Please use the contact section in the governing policy.

Report information security incidents, including but not limited to suspected breach or disclosure of private data, suspected lack of physical or technical security controls, violations of acceptable use of information technology resources, to University Information Security ([email protected]).

Do not use the device or system that may be involved in a suspected security incident or data breach. Instead use alternative communication methods (e.g., different device, call Technology Help 612-301-4357) to report the incident to University Information Security and wait for further instructions prior to turning the device or system off.

Immediately report the details of a suspected security issue involving any University private data—whether the data is on a computer, on paper, on the web, etc.— to University Information Security ([email protected]). Include:

  • Contact information
  • The college/department involved
  • A brief description of what happened
  • A general description of the type of data
  • A general description of the impact of the incident

Questions about whether data/information is private, consult Examples of Public, Private and Confidential Information as well as the "contacts" listed in the policy.

Alert your supervisor, if appropriate.

To report anonymously, use the University UReport confidential reporting system.