Security Incident Reporting

What is an information security incident?

An information security incident can be defined as any violation, or imminent threat of violation, of computer systems or other information technology resources or data that pose a threat to the whole or part of the Emory enterprise. Examples include but are not limited to:

  • Data loss, theft, or misuse
  • Unauthorized changes to hardware, software, firmware, or data
  • Unauthorized changes, exposure, or deletion of information assets
  • Activities that violate Emory’s Information Technology Conditions of Use policy
  • Degradation of services due to intentional action 

Examples can include, but are not limited to:

  • Lost or stolen devices (phones, tablets, computers, etc.)
  • Presence of malware (viruses, spyware) or other unauthorized/unexpected programs
  • Intentional or unintentional posting of restricted or confidential data in a publicly accessible place
  • Inadvertent disclosure of restricted data to a third party

Reporting Security Incidents

If you feel that you have a security incident to report, please use the contact information below, contact your local support representative, or contact the University (404-727-7777) or Healthcare (404-778-4357) service desks.

Reporting Stolen Devices

See the following knowledge article: KB06396

Reporting Suspicious Emails (Phishing, Frauds, etc.)

If you believe you have received a spam or phishing message, you may report it to OIT Security. Please see our page on reporting suspicious emails

Contact OIT Security

Email: security[@]emory[.]edu

Note: We cannot assist you with changing your password, or other password related problems. Please call the University Service Desk at 404-727-7777 or the Healthcare Service Desk at 404-778-HELP for assistance with password issues.