Examples of Information Security Incidents

This page has been created to help understand what circumstances an Incident Reporting Form needs to be filled out and reported. This includes, but is not limited to, the following:
  • Unauthorized disclosure of sensitive information
  • Theft or loss of equipment that contains private or potentially sensitive information
  • Extensive virus or malware outbreak and/or traffic
  • Attempts (either failed or successful) to gain unauthorized access to a system or it's data
  • Compromised user account
    • Responding to a phishing email or having any other Murray State University account compromised (ex. Active Directory, MyGate, etc.)
  • Extensive disruption of Murray State University's information services