Report an Information Security Incident

Overview

Minnesota State is committed to protecting the security and privacy of its information resources and to make information accessible to fulfill its mission of providing high quality higher education.

  • We want to hear from you any time an information security incident is a suspected, attempted, successful, or there is imminent threat of unauthorized access, use, disclosure, breach, modification, or destruction of information to include interference with information technology operations.

Phishing

The most frequent incidents reported are suspected email phishing attacks.

  • If you identify an email that looks like phishing, you can follow the instructions here to immediately report the phishing email in Microsoft Outlook, Microsoft Office 365 or Outlook app installed on a mobile device. 
  • If you believe your account has already been compromised as a result of a phishing attack, immediately request this service to get assistance or contact our IT Service Center.  Indications of an account that is already compromised can include emails being sent from your email account that you did not send. Suspicious activity is an indicator that someone has unauthorized access to your account user name and password.

Other examples of information security incidents you would report include:

  • Suspected unauthorized use of a computer system.
  • Unauthorized use of another user’s credentials or impersonating another University user.
  • Malicious threats, include computer viruses, trojans, worm and spyware.
  • Social engineering, phishing scams, compromised accounts
  • Loss or theft of computer equipment or other data storage devices and media (e.g., laptop, USB drive) used to store private or potentially sensitive information
  • Unauthorized access to sensitive information, such as Social Security numbers or restricted research data, whether intentional or accidental.

Benefits

  • It is important to report actual or suspected security incidents as early as possible so the University can prevent or limit the impact.
  • Trend analyses of the collected information can be performed, allowing the University to focus preventative efforts on areas of most concern.
  • Investigations (where appropriate) can be performed, and action taken to prevent a recurrence of the incident.

Resources

Minnesota State Board Policy - 5.23 Security and Privacy of Information Resources

For more general information about common security issues: US-CERT https://www.us-cert.gov/ncas/tips

 

 

 

 
Report an Incident

Related Articles (1)

Phishing Overview
General information on Phishing attacks, types, examples, prevention and other resources.