Incident Reporting
Security Violations (suspected or confirmed) should be reported right away. If Sensisitve Data is associated with any computer involved in the incident, please call UNT Information Security immediately at 940-369-7800.
Please refrain from accessing or further interacting with the computer in question. This will help preserve evidence integrity before the UNT Information Security team can collect an image for forensic analysis.
For further explanation of what UNT considers "sensitive", the Sensitive Information Brochure provides additional explanation and guidance.
UNT Incident Reporting Steps:
- Notify your IT support staff
- Notify your immediate supervisor
- If you are an IT Manager, contact UNT Information Security directly at security@unt.edu or 940-369-7800. We also accept Remedy trouble tickets, but please do not include any sensitive or confidential data in the ticket
- If you require immediate phone assistance after hours, contact the UNT Helpdesk at 940-565-2324
- If you wish to report criminal activity, contact the UNT Police Department at 940-565-3000
- Do not allow any changes to be made to the computer or related system.
Information To Provide When Reporting a Security Incident
- Your name, phone number, email address, and department (if applicable)
- Contact information for anyone else directly involved, especially if someone else reported this incident to you
- Date, time, and location of incident
- Description of the incident, including as much technical detail as possible
- Any relevant documentation or logs
Examples of Suspicious Activity
- Unknown activity related to your account or computing services
- Log discrepancies
- Social Engineering Attempts
- Unfamiliar user accounts or or files
- Unexpected system ports or processes
- Modification or deletion of data
- Changes in file or directory permissions
- Denial of service without obvious explanation
- Threats or harassment via email