Information security incident

Staff and students must immediately report any actual or suspected incident. Prompt reporting of cyber attacks means that the University can respond and minimise any negative impact.

Off

Reporting cyber and information security incidents

Monday to Friday, 8am to 5pm

All incidents involving actual or potential breaches of information security must be reported to the IT Service Desk on +44 (0)114 222 1111 via phone or chat. Reports must be acknowledged in real time, and not submitted by voicemail or email.

Out of hours

Outside of normal working hours, information security incidents should be reported to University Security on +44 (0)114 222 4085. This service is available 24/7 365 days a year. Reports must be acknowledged in real time, and not submitted by voicemail or email.

Upon being contacted, IT Services staff will follow our information security incident procedure to ensure that the incident is properly managed and recorded.


Types of incident

An information security incident is any occurrence observed or suspected that involves

  • unauthorised access or damage to or originating from any computer system that is owned or managed by the University of Sheffield
  • unauthorised access, loss or damage to information that is owned or managed by the University of Sheffield
  • violation of information security policies

An information security incident may involve access, loss or damage to information or computer systems that is actual, suspected, threatened, or potential.

Examples of incidents include:

  • cyber security attack - malicious attacks against University accounts or systems
  • potential security breaches - such as unpatched systems, failure to follow procedure or unusual authentication systems
  • compromised systems - such as hacked servers, virus outbreaks
  • compromised accounts - such as stolen passwords through phishing emails/calls/unexpected MFA requests
  • loss of information - such as a lost or stolen laptops
  • breach of policy - such as the Information Security policy, IT Code of Practice or Data Protection policy

Misuse of computing facilities (as defined by the IT Code of Practice) that does not constitute an urgent security incident should be reported to the Information Security team (email info-security@sheffield.ac.uk), or to a member of the IT Services Directorate.

Information Security Incident Management policy (University login required)

A global reputation

Sheffield is a world top-100 research university with a global reputation for excellence. We're a member of the Russell Group: one of the 24 leading UK universities for research and teaching.