Skip to main content

Report an Incident

If you believe you see any abnormal behavior on your IT System, it is better to be safe than sorry. Report it right away.

How to report an incident

Urgent matters

We are available 24x7 for urgent security matters. Call our on-call number immediately at 203-627-4665 if you: 

  • have reason to believe High Risk or regulated data has been lost or stolen. 
  • suspect any unauthorized access to High Risk or regulated data types. 

Regulated data types include HIPAA and PCI. For more details on High Risk data types, please see our Data Classification Guideline

Other suspicious activity

There are a few ways to report an incident to us, depending on the event.
Report a Lost or Stolen Device
Report a Phishing Message

For all other suspected security incidents, contact the ITS Help Desk. You can call the Help Desk at 203-432-9000, or via email

What do I need to know about reporting an incident?

A cybersecurity event is a change in the normal behavior of a given IT System or environment. Millions of events occur every day. Not every event is an incident, but it could be. The Information Security Office (ISO) coordinates efforts to determine if an event is an incident.

Our office observes events through operations tools. A cybersecurity incident is an observed event that gives us reason to investigate. Our team will coordinate Yale's response to the event. This response will depend on the level of risk as determined by a member of our team.


Report suspicious behavior right away 

Abnormal, suspicious, or potentially risky behavior may include: 

  • A lost or stolen device that may contain Yale Data.
  • Ransomware notes - A note that prevents or limits you from accessing your system. Ransomware can lock your system's screen or lock your files until you pay a ransom.
  • Receiving or responding to a suspicious email/phishing message.
  • Warnings about expired certificates when accessing a Yale website.
  • Other significant security lapses or vulnerabilities observed on Yale’s systems.

How to spot suspicious behavior on your device:  

  • Your device is working unusually slow.
  • The presence of mysterious files you don't remember creating.
  • Missing files. 
  • An increase in pop-up messages or advertisements.
  • Your browser (e.g. Internet Explorer, Google Chrome) lagging or redirecting you to unexpected sites. 
  • Changes to your browser homepage or toolbar.
  • Changes to your device settings or applications.
  •  Frequent device crashes.
It is better to be safe than sorry. If you suspect that something is wrong with your device, report it right away.