How to Report a Security Incident

The UFIT Information Security Office responds to and investigates information security incidents related to misuse or abuse of university information and information technology resources.

What is an Information Security Incident?

An information security incident is defined as a real or suspected event, whether electronic, physical or social that adversely impacts the confidentiality, integrity or availability of University of Florida data or information systems and is inconsistent with University of Florida Privacy or Acceptable Use policies.

Information security incidents must be reported to the appropriate contacts for immediate and optimal assistance.

Reporting Email Abuse and Compromised Accounts

Cybercriminals target university faculty, staff and student emails through malicious phishing attempts and unauthorized account logins to access sensitive information.

Common incidents include:

Your Gatorlink password no longer works, but you did not initiate a change.
Your files are suddenly deleted or corrupted, or new files unexpectedly appear.
You receive multi-factor authentication push notifications that you did not initiate or authorize.
You receive a suspicious email that may contain grammatical errors, tempting offers or requests for personal information.

If you suspect your personal information or files have been compromised, the UFIT Help Desk is available 24/7 to assist with account recovery and management.

If you receive an unsolicited or suspicious email in your GatorMail inbox, you can report it directly to UFIT by clicking the Phish Alert button or forwarding the message to abuse@ufl.edu.

Reporting Exposure of Restricted Data

The UF Data Guide is a tool to help you classify data accordingly and determine what data should be handled with extra caution.

Restricted Data is data that are subject to specific protections under federal or state law or regulations or under applicable contracts. Examples include, but are not limited to, medical records, Social Security numbers, credit card numbers, Florida driver licenses, non-directory student records and export-controlled technical data.

Working with restricted data can be tricky, so UFIT created Fast Path Solutions (FPS), a comprehensive list of pre-assessed software and computing environments filtered by data classification to create a secure digital landscape.

Faculty and staff can also receive assistance from their college or department’s information security manager (ISM) in finding UF-approved software and hardware. You may search for your ISM here.

HIPAA violations or the potential unauthorized exposure of UF restricted data must be reported to the UF Privacy Office.

Reporting an Incident Impacting University Infrastructure

Information security incidents that pose a risk to university operations and IT assets, even if you were not involved, must be reported to the Information Security Office’s Incident Response Team by sending an email to ufirt@ufl.edu or calling (352) 273-1344.

IT Staff Incident Response Procedure

University IT staff members seeking more information should consult the UFIT Incident Response Procedure.

Incident Response Procedure