Skip to content Skip to site navigation Skip to service navigation

Report an Incident

Reporting a data or IT compromise (or risk) IMMEDIATELY is critical to keeping you and our entire Stanford community safe.

How to report a privacy problem or concern

If you’re not sure what type of issue you are facing, follow this procedure:

  • During business hours (9am-5pm PST weekdays):

Report a lost/stolen device or data incident now

​Note: For any incidents involving UK Biobank data,view the UK Biobank reporting protocols here.

How to report a vulnerability 

                              Report an IT Vulnerability now


For IT security incidents involving security issues with Stanford's computers or networking resources, follow this protocol-

During business hours (9am-5pm PST weekdays):

For urgent issues during after-hours (outside of 9am-5pm PST weekdays):

  • Contact UIT Service Desk: 650-725-4357, OR
  • Contact ITOC via the #itoc channel on Stanford’s Slack.


Examples of reportable IT Security incidents include but are not limited to:

  • Compromised endpoint (e.g., malware, keylogger, ransomware)
  • Compromised server (e.g., malware, unauthorized use/access, unusual activity)
  • Compromised Stanford websites (e.g., website defacement)
  • Compromised infrastructure (e.g., router, switch, firewall, ICS device)
  • Compromised user or email account
  • Denial of service (DoS)


 How to report specific types of incidents

For specific issues, Stanford has specific experts and protocols in place. Choose the protocol that best matches your concern.

Unauthorized exposure of sensitive data (especially High Risk Data)

Report any data breach or exposure IMMEDIATELY.

Note: For any incidents involving UK Biobank data, view the UK Biobank reporting protocols here.


For High Risk Data or High Risk PHI Data compromise, or other unauthorized sensitive data exposure, follow this protocol-

During business hours (9am-5pm PST weekdays):

For urgent issues during after-hours (outside of 9am-5pm PST weekdays):


Examples of a reportable data exposure incident include but are not limited to:

  • Information protected by FERPA, GDPR, or HIPAA regulations, including Protected Health Information (PHI)
  • Passport and visa numbers
  • Social security numbers
  • Financial account numbers

Learn more about sensitive data examples and facts.

Lost or stolen electronic device with Stanford data
Report a lost or stolen device (University Privacy Office).
Suspected phishing email

Report a suspected phish with either of these methods:

Learn more about why and how to report phishing.

Electronic threat to a person’s safety

Report to Stanford Department of Public Safety (DPS):

  • Emergencies: Call 9-1-1 
  • Non-emergency response: Call 650-329-2413 

Concerns can also be reported using the Threat Assessment and Management form.

Visit to learn more about protocols, roles, and responsibilities.
Last modified July 23, 2024