Fisher College of Business logo

Report a Security Incident

A security incident is a computer or network based activity which results (or may result) in misuse, damage, denial-of-service, compromise of integrity, or loss of confidentiality of a network, computer, application, or data; and threats, misrepresentations of identity, or harassment of or by individuals using these resources.

 

Report a Security Incident

Individuals wishing to report actual or potential security incidents can either send an e-mail to helpdesk@fisher.osu.edu or call 614-292-8976 as soon as possible.

 

Types of Security Incidents to Report

  • Computer Virus, Malware, or Trojans
  • Phishing attempt  (i.e. an entity requesting password or account information)
  • Data breach (real or potential)
  • Compromise of privileged accounts on computer systems
  • Attack on networking infrastructure, critical systems, or servers

 

What Constitutes Personal Data Exposure

Exposure of an individual's name in combination with any of the following constitutes a data breach and may require the university to begin the notification process:

  • Social Security Numbers
  • Banking or Financial account numbers with passwords or PIN numbers
  • Driver's license number or state identification card number
  • Student educational records including academic performance data, disciplinary records, race or ethnicity, gender, nationality, or grades

 

Consequences of a Violation

Under the requirements of Ohio Revised Code §1347, an incident that allowed unauthorized individuals to have potential or actual access to student, faculty or staff names coupled with their Social Security Numbers requires notification of these individuals.

According to the Interim Policy on Disclosure or Exposure of Personal Information, the actual costs associated with the notification will be borne by the department involved with the breach.

The cost of the notification process is not the only consideration when dealing with a personal data exposure. Perhaps of greater consequence is the loss of trust in the university that results from these incidents.

Other institutions that have incurred major breaches have reported significant negative effects that include denial of grant applications, loss of donor support, and declines in enrollment.