When should I contact the Incident Response Team?

You should contact the Incident Response Team any time that you think you may have observed a security breach of a Boston University computer account or system.

The following list provides examples of events that should be reported.  If your situation fits one of these examples, please contact as soon as possible:

Security Incidents that Require Reporting

If you are a BU Community Member, and

  • you can view personal information about people other than yourself that you do not think you should be able to see.
  • the computer you are using belongs to yourself or the University and is behaving as if someone else has control over it, such as the cursor moving, text being typed, or the CD tray opening without you doing anything.
  • you are receiving harassing emails or emails that are asking you to reply with personal or account information.
  • your computer you are using belongs to you and the firewall or intrusion protection software is complaining that your system is being attacked.
  • someone else appears to have access to your accounts, as evidenced by changes to your account, records, files, or email that were not made by you.
  • you responded to an email requesting account information.
  • you have found a way to circumvent any of our security measures.

If you are not a BU Community Member, and

  • you have discovered any information that we have made publicly available that appears to contain personal or protected information that you do not think you should have access to.
  • someone within the BU Community appears to be sending you harassing or fraudulent emails, including those seeking personal or account information from you.
  • you’ve detected an attack upon or compromise of one of your computers that initiated with or involved an account or computer on the Boston University network.
  • a Boston University user is abusing your website or infringing upon a license or copyright.
  • you are the victim of a Denial of Service Attack from our network.
  • you have detected that we are operating a service that can either be abused or compromised.