A stolen phone, data breach, virus infection, phishing email, or other type of IT security incident must be reported as soon as possible, and preferably by telephone. If you call outside office hours, you will be redirected to a help desk staff member.
A data breach or ICT security incident must always be reported to Radboud University. Serious data breaches are reported by Radboud University to the Dutch Data Protection Authority.
Reporting
Data breach reporting form
You can report a data breach using a form in Topdesk.
If you are not on campus, enable VPN.
Form: report data breach
ICT Helpdesk, other incidents
To report ICT security incidents or an urgent data breach, you can also contact the ICT Helpdesk.
Call +31 24 362 22 22, 24 hours a day, 7 days a week. If you are unable to call, please send an email to icthelpdesk [at] ru.nl.
Identifying a data breach
A data breach involves the release of personal information, or the alteration or destruction of information. Even if there is no breach but there is still a risk, this constitutes a data breach. Below are several examples of a data breach:
- A mislaid unencrypted USB stick that contains personal information;
- An inadequately protected mobile phone, laptop, or tablet that contains access to a Radboud account that has been stolen, even if it is your own personal device;
- Printed materials that contain personal information and have been left unattended near a photocopier;
- When you find that you have access to personal information to which you should not have access, for example, because you have been given too many rights in a system;
- If you have sent sensitive personal information to an incorrect email address (i.e., to someone for whom the information was not intended);
- When a computer hacker hacks into a computer that contains personal information or access to a Radboud account.