Please contact the Information Security Office (ISO) right away for any of the following:
Report a lost or stolen device
Report other suspicious cyber activity to the ISO
For urgent matters, call 203-627-4665
This is our 24x7 number. Call us immediately for events impacting the confidentiality, integrity, or availability of Yale University. This includes, but is not limited to:
- I believe High Risk or regulatory (e.g. HIPAA, SSNs) data has been lost, stolen, or placed where it shouldn’t be.
- I believe someone has stolen my account or password.
- I received a pop-up message demanding urgent action is taken (e.g., ransomware, malware).
- I received unexpected messages from a colleague asking for money or other financial information.
- I’ve found a technology vulnerability or coding bug in a Yale IT System.
If you are unsure if this is a cybersecurity issue, contact the ITS Helpdesk 203-432-9000 or your local support provider.
See below for more information on our “Bee SAFE, Not Sorry” model for reporting suspicious cyber activity.
Recognizing, reporting, and responding to cybersecurity incidents
How do you know when to report something? What steps should you take? What do you do once you’ve reported the concern? We sum this up with our “Bee SAFE, Not Sorry” model, where SAFE stands for:
S – See something suspicious
A – Act quickly
F – Follow instructions
E – Exercise discretion
As the individual reporting an incident, the “Bee SAFE, Not Sorry” model is all you need to know.
"S" - See something suspicious
Go with your gut. You know your work better than anyone. If something seems unusual or suspicious, don't ignore it.
Here are a few common red flags that should be reported:
- Pop-up messages demanding action be taken right away.
- Files are missing or unfamiliar files are appearing on your device.
- Settings on your device or applications were changed.
- Device frequently crashes or runs unusually slow.
- Browsers (e.g. Firefox, Chrome) are lagging or redirecting to unknown sites.
- Emails from unexpected senders or that contain suspicious links or attachments (phishing).
"A" - Act quickly
Don’t hesitate to report the concern or be embarrasxsed or worried about blame. Even if what you saw ends up being nothing, it is better to be safe than sorry.
Here are some dos and don’ts when reporting an incident right away:
- Report the incident as soon as you see something that causes concern.
- Know you are doing the right thing just by exercising caution and reporting the concern.
- Call us at 203-627-4665 if it seems urgent.
- Hesitate or procrastinate.
- Be embarrassed or worried about blame.
- Talk to others for a second opinion or try to resolve the issue yourself.
Even if what you saw ends up being nothing, it is better to be safe than sorry.
"F" - Follow instructions
Follow the guidance provided by the Information Security Office (ISO) after you report a security incident. Let the experts help.
"E" - Exercise discretion
Don’t discuss the incident. Once you report it to the ISO, refrain from discussing the incident with others.