Incident Response
Sidebar
What is a security incident?
It’s defined as an adverse or malicious event in an university system, on our network, with a technology resource or the threat of the occurrence of such an event. A security incident implies harm or the potential for harm.
Formally, security incidents can be defined as any of the following:
- Unauthorized access to, disclosure, or manipulation of UofL financial data
- Unauthorized use of UofL credentials
- Accidental or intentional data exposure that makes Personally Identifiable Information (as regulated by HIPAA, FERPA, PCI, GLBA, Export Controls, KRS 61.931-934, etc.) or other sensitive data viewable to individuals not authorized to view the data
- Theft, exfiltration, or loss of university information, or systems, including hardware or storage media, financial data, student records, financial aid information, research data, and employee information
- Any system’s unavailability because of unauthorized activity
- Damage to, or tampering with, university systems by an external malicious actor or insider threat
For all cybersecurity incidents, contact secureit@louisville.edu. For data privacy and breach related incidents, contact isopol@louisville.edu.