If you become aware of a security-related issue where information could be accessed inappropriately, e.g. a lost memory stick / an intruder found in a UCL office where confidential information is held / an online hoax affecting UCL, please report it.
As well as information security incidents, we also encourage the reporting of information security weaknesses or near misses. Be assured that we are more concerned about limiting damage and fixing problems than we are about punishing people, if you are concerned about reporting an incident please contact us to discuss it.
Personal Data Breach
If an incident involves personal data then it must be reported immediately to us (the UCL Information Security Group):
Fill in the Personal Data Breach Form then email it to us:
- Email: email@example.com
- Telephone: (0)20 7679 7338 (internal 37338)
Information Security Incident
If the incident does not relate to a personal data breach, our security incident reporting form gives you an idea of the sort of information we find useful, although we are happy to accept reports in any form.
When an incident has occurred you may also need to report it to Physical Security and the UCL Data Protection Office, see the following links for their details:
Reporting Emails of Concern
Please forward emails to: firstname.lastname@example.org
It is important that we have as much information about the email as possible, in particular the header data. Instructions on how to obtain this data can be found in our FAQs.