Quick Start

Available to: Students, Faculty, Researchers, Staff, Departments, IT Professionals

Cost: No charge for most cases. In certain large scale incidents, some business units might be asked to help defer the costs of external services, such as credit monitoring and notification services.

Information Security manages and maintains the Data Breach Response Management Process for incidents and events involving loss of data that includes sensitive and protected information such as social security numbers, credit card numbers, or any data classified as internal use, confidential, or restricted use. For a complete listing of data classified as sensitive, please see the BU Data Classification Guide.

Getting Started

  • Security is everyone’s responsibility. If you see anything that suggests we may have a cybersecurity incident or data breach, contact the IT Help Center
  • If you suspect a data breach, DO NOT power off, log in to, continue to use, or alter any system  unless directed to do so by the Incident Response Team (IRT) 


Having an approved, documented procedure is crucial for handling potential data loss incidents properly. In the unfortunate event where such information may have been accessed by unauthorized individuals, there are regulatory requirements to which the University must adhere.

Key Features

  • IRT (BU Information Security Incident Response Team) – Coordinates the technical response to cybersecurity incidents at the University
  • ISO (Information Security Officer) – Initiates the Data Breach Response Management Plan, acts as the central communication point and coordinator for breach response, and coordinates with senior management. This role is generally filled by the Executive Director of Information Security, but may be filled by another designee if appropriate
  • The First Responder Checklist – Provides guidance to the first people to observe indicators that a security issue may be occurring

What to Expect

This service is available 24 hours a day, 7 days a week.

Incidents are triaged according to the severity of the incident. Some factors that contribute to severity are:

  • Safety concerns for people and buildings
  • Loss or exposure of personal or institutional data
  • Violation of laws and contracts
  • Interruption of service to a community
  • The size of the affected community


Anyone can and should report a suspected data breach incident.