Be aware that if the computer you are currently using contains data that is sensitive or confidential, you must immediately report if you suspect that the data on your computer has been accessed or inadvertently shared with unauthorized people. Sensitive information may consist of social security, driver’s license, and/or credit card/bank account numbers, health data, and student records (e.g., student data, grades, other personal data).

Reference: https://datamanagement.iu.edu/types-of-data/classifications.php

What to do if you suspect that the data on your computer has been accessed or inadvertently shared with unauthorized people:

1. DON’T PANIC.
2. If the suspected data compromise, loss, or exposure was on a computer, then stop working/using the computer. DO NOT reboot or power it off. Rebooting the computer or turning it off might delete evidence that IU will need to determine the source of the compromise or to evaluate how badly this incident affects you and/or IU.
3. IMMEDIATELY CALL, no matter what time of day or night or weekday or weekend or holiday, until you get to a human. Try in this order:
   • Biology Computing Support at 812-855-7807 and by email at biocomp@indiana.edu
   • UITS Support Center at 812-855-6789 (24x7)
   • UITS Network Operations Center at 812-855-3699 (24x7)
   When you reach the Support Center or the Network Operations Center, ask staff to PAGE the University Information Security Office (UISO). A representative from UISO will then call you back.
4. Provide the following:
   • A description of the data that was suspected compromised, lost, or exposed
   • The type of physical device that the data was accessed from (jump drive, computer, etc.)
   • Details such as what, where, when, and how the suspected compromise, loss, or exposure of data occurred
   • This unit (or UITS after hours) will immediately contact the UISO (University Information Security Office) with information and receive procedural advice based on the circumstances.
   • Wait for further guidance from Biology Computing Support or UISO.

Recommended actions:

1. Update your supervisor on the circumstances.
2. Don’t discuss the incident with anyone until authorized to do so by IU Biology leadership or IU officials (e.g., University Information Policy Office)