IT ServicesStaff

IT Security

Reporting Procedures

How to report a cyber attack on a server e.g. evidence showing up on logs

Contact IT Service Desk with the following information: 

  • Was there any personal, sensitive or confidential data on the server?
  • Is there evidence of data being extracted from the server? Please provide details
  • Have any suspicious files or scripts been found on the server? Please provide details
  • Are there any local accounts on the server with weak credentials, have they now been changed? 
  • Attach or forward specific parts of the log files which highlight the attacker details that could assist to investigate further e.g. IP address of who is trying or has attacked the server, dates and times, ports used.   

How to report a lost University owned device (laptop, mobile, tablet) 

You must fill in the "Reporting a lost or stolen University laptop form" as soon as possible which is available at

Once filled in it should be forwarded to the IT Service Desk email address 

How to report malware/virus/ransomware that has infected your machine

Contact IT Service Desk with the following information:

  • Did you click on a link or download software? If so, please provide details
  • Have you seen any unusual activity on the PC since for example a modified desktop background or random popup?
  • Are any files stored either on your local hard drive, shared network drives or external hard drives now inaccessible?
  • Do you have an up to date data back up? This would need to be restored after a re-installation of the Operating System if the infection has corrupted the data. 

How to report an insecure internal webpage e.g. login over http or personal data being sent

Contact IT Service Desk with the following information: 

  • Provide the exact link to the webpage and if you know who owns the page.  
  • Was any personal or confidential data submitted on the page.   
  • Do you know if the site hosted at University or in the cloud/external company?  
  • Webpage owner can request security certification - SSL Certificateswhich can be installed on the server to secure data transfer using encrypted https.  

How to report information breach e.g. if confidential or sensitive information has been lost are emailed to the wrong person 

Contact IT Service Desk with the following information:


How to report a social engineering phone scam e.g. someone asking to remote control your PC

Contact IT Service Desk with the following information: 

  • What was the first point of contact for example email, phone call, text?  
  • Did you give any login details to the scammer or allow anyone to connect to your PC remotely?  
  • Has there been any unusual activity on your machine?  

How to report spam/scam/phishing email

Contact IT Service Desk with the following information: 

  • If possible forward the email as an attachment to preserve all the original information to; if you are unsure how to do this contact IT Service Desk.
  • If you have responded to the scam or login were passed on please provide further details
  • Have you changed your password? If you have given your login details to a suspected phishing site, change your password right away ( Also, if you used the same details for other sites to change them as well.  


Important Contacts and Links when reporting security incidents 

Contact IT Service Desk Tel: 01509 222333

Action Fraud   

Security office  email  Tel: 01509 222141  

Data Protection Team, Academic Registry Tel: 01509 222819