Report an Information Security Incident

Sub-Title

How to Report an Information Security Incident

<Information Security Incident Form>

Definition of an incident

The definition of an information security incident is a suspected, attempted, successful, or imminent threat of unauthorized access, use, disclosure, breach, modification, or destruction of information; interference with information technology operations; or significant violation of acceptable/technology use policy.

A successful or unsuccessful attempt of:

  • Unauthorized access, use, disclosure, modification or destruction of information.
  • Intentional interference with the operation of information technology.
  • Violation of our security policies including but not limited to our acceptable/technology use policy.

The following are examples of a security incident:

  • Suspected or actual breaches, compromises or other unauthorized access to accounts, systems, applications or data
  • Compromised user accounts
  • Computer system intrusion
  • Unauthorized or inappropriate disclosure of information classified as Level 3 Extreme, Level 2 High, or Level 1 Medium
  • Ransomware infection
  • Unauthorized access to, or use of any applications, accounts or data
  • Loss or theft of equipment used to store GAC data
  • Denial-of-service attack or any attack that prevents or impairs the authorized use of networks, systems or applications
  • Successful spear phishing or social engineering with ill intent or causing financial harm to GAC
  • Any interference with the intended use of technology resources