There are two main ways you can report a security incident to the Information Security team:
- Submit a ticket on TDNext using the "Report a Security Incident" button on the right
- Send an email to Information.Security@dartmouth.edu
TDNext will prompt you to submit the necessary information. If submitting a ticket via email, make sure the following is included:
Type of Incident
Incident Timeline
Who reported the incident?
Detailed description of the event
Note all types that apply:
- System Compromise
- Credential Compromise
- Network Attacks (DOS, Scanning, Sniffing)
- Malicious Software (Viruses, Worms, Trojans)
- Equipment Theft or Loss
- Unauthorized Physical Entry
- Social Engineering Attacks (Phishing)
- Policy Violations
- Third-Party Security Incident (Cloud Service or Partner Network Breach)
-
Dates/times (including time zones) for the incident occurrence (if known), discovery, initial report, and closure.
- Contact Information for the Incident Reporter:
- Full name and NetID
- Phone number
- Email address
- Organizational unit/department
- If an automated system reported the event:
- Name of software package
- Name of the host where the software is installed
- Network address
- Physical location
- If a third party reported the event:
- Through email - Include full email notice
- Via phone call - Name, organization, phone number and email address of caller
Include as much information as possible:
- Description of the incident (how it was detected, what occurred)
- Description of the affected resources
- Description of the affected organizations
- Estimated technical impact of the incident (i.e. data deleted, system crashed, application unavailable)
- Summary of response actions performed so far
- Other organizations contacted