Reporting an IT Security Incident

If you think you might have an IT security incident report, please proceed.  It’s better to err on the side of reporting when not sure.

Begin Here

The following procedure is designed to walk you through the decision process before finalizing your decision.

Submit an IT Security Incident Report for an incident with any of the following characteristics:

  • Potential unauthorized disclosure or alteration of any of the following:
    • University data not made available to the general public routinely;
      for example, employee evaluations.
    • Data the university is bound legally or contractually to protect;
      for example, social security and credit card numbers and certain research data.
  • Loss or theft of electronic storage devices or media containing any of the following:
    • University data not made available to the general public routinely.
    • Data the university is bound legally or contractually to protect.
  • Content in a university web page, through pop-up or direct access, of any of the following:
    • Advertising for a non-educational commercial product; for example, an online pharmacy.
    • Pornographic material.
  • Distribution of viruses or malicious software from a computer on the NC State University network.

Include the following information in the report:

  • Type of incident (Please select it from above list.)
  • Your name
  • Your email address
  • Your phone number
  • Date and time of the incident
  • IP address of each computer involved
  • Logs from each computer involved

Use email or phone to submit the report:

Report other criminal activity:

  • Report any suspected theft of computer equipment on campus to the NC State University Police department at (919) 515-3000.
  • Report any suspected use of a university-owned electronic device in the commission of a computer crime to the FBI, Secret Service, or other law enforcement organizations.