The UFIT Information Security Office responds to and investigates information security incidents related to misuse or abuse of university information and information technology resources. An information security incident is defined as an event, whether electronic, physical or social that adversely impacts the confidentiality, integrity or availability of University of Florida data or information systems; or a real or suspected action, inconsistent with University of Florida Privacy or Acceptable Use policies.

Information security incidents can be reported to the UFIT Information Security Office by sending an email to ufirt@ufl.edu or calling 352-273-1344

Please be sure to follow the Incident Response Procedures – First Steps when responding to incidents.

For more information about information security incident management at the University of Florida see UFIT Security Incident Response Procedures, Standards, and Guidelines.

Reporting HIPAA violations or the exposure of restricted data

HIPAA violations or the potential unauthorized exposure of UF Restricted Data such as Protected Health Information (PHI) or Personal Identification Information (PII) must be reported to the UF Privacy Office.

Reporting spam, phishing, or email abuse

• Phishing scams targeting University of Florida faculty, staff or students should be reported to abuse@ufl.edu.
• Email abuse should be reported to abuse@ufl.edu.
• Unsolicited spam email should be reported report-spam@ufl.edu (more info)