A security breach or cyber attack is any incident that results in the unauthorized access of your data, applications, services, networks and/or devices by bypassing the underlying security mechanisms. A breach can result in the loss or theft of your data or serious or permanent damage to your system. Breaches are a very serious matter and require immediate attention following a strict protocol.
If you know or suspect a breach has occurred involving your information, contact the Information Security Office (ISO) immediately. The ISO will help you:
- Identify and contain the breach
- Understand the laws and regulations regarding required reporting
- Assist you in adjusting your procedures to avoid future issues
Contact an Information Security Officer
Contact the ISO via at firstname.lastname@example.org or call 408-924-1705.
Security Breach Notifications (SB 1386 Compliance)
The university’s practice is to disclose any breach of system security to all affected individuals (not only California residents as required by law) whose unencrypted Level 1 personal information was, or is reasonably believed to have been, acquired by an unauthorized person.
All individuals (student, faculty, staff, consultant, contractor or any other individual) with access to confidential information are responsible for immediately reporting a security breach. See Section E, Appendix D, Responsible Use Policy Implementation Practices [pdf] for procedures and definition of personal information.
If it has been determined that unencrypted Level 1 personal information was or is reasonably believed to have been acquired by an unauthorized person due to a security breach, the campus Information Security Office will work with the department to develop an appropriate notification to the affected individuals based on each specific situation.