Report an IT Security Incident Video

If you only remember one thing, remember this: if you think you see signs of a potential serious IT security incident, report it:

Text Summary of Main Points in the Video

You arrive at work one day and discover in your email inbox messages that you didn't send. Some of them contain attachments that contain the social security numbers of research participants, which you needed in order to process payments. This is potentially a serious IT security incident.

What should you do?

You should immediately:

  1. inform your unit's Security Unit Liaison or IT Director
  2. report the incident to

This second action will inform the Information and Infrastructure Assurance (IIA) Incident Response Team, which is responsible for coordinating and managing IT security incidents at U-M.

What qualifies as a serious IT security incident?

  • Computer system hacked
  • Unauthorized access to/use of systems, software or data
  • Unauthorized changes to systems, software or data
  • Loss or theft of equipment used to store or work with sensitive university data
  • Denial of service attack
  • Interference with the intended use of IT resources
  • Compromised user accounts

IT security incidents are an unfortunate part of life in the digital age. They can happen to anyone.