Skip over navigation

What to do if ...

This section provides you with information regarding what you should do if certain situations arise.  Please select the appropriate situation from the list below.  For cases that are not covered, please contact the OIT Help Desk at 258-HELP.

What to do if you receive harrassing or abusive communications

 

From a member of the University community

If you receive harassing, abusive or offensive communications from a member of the University community, you should report the matter to the most appropriate of the following contacts:

 

From someone outside the University

If you receive harassing, abusive or offensive communications, "spam" or "chain letters" from outside of the University community, you usually can report the incidents to the appropriate authorities, as most schools, corporations, and Internet service providers do not intend their electronic resources to be used for such purposes.

 

If you are uncertain about who to call

If you do not feel that following your usual reporting path would be appropriate, or you are not sure of the appropriate division to handle the matter on your behalf, OIT Help Desk staff (258-HELP) can help you make the appropriate referral.

What to do if you become a phishing victim

If you suspect that you may have exposed your personal information to an unauthorized individual, you should:

  1. Change all of your passwords that were exposed.
  2. Contact the institution that was being masqueraded.
  3. Tell them that your personal information has been exposed.
  4. Ask them to cancel any accounts affected.
  5. If the information provided can be used to access other institutions, contact them as well. For example, if your credit card number was exposed, contact your credit card company as well.
  6. If any piece of information was exposed that could be used to open financial accounts (e.g., your Social Security Number, date of birth, place of birth, mother's maiden name, bank account numbers, credit card numbers), contact your credit card company or any of the three major credit bureaus and sign up for their credit monitoring service, a fee-based service that will automatically notify you whenever your credit record is accessed. Here are the websites for the three major credit bureaus:
  7. If you received the e-mail message through your princeton.edu address, contact Princeton University's Department of Public Safety.
  8. Contact national agencies dealing with Internet fraud:

What to do if your computer, mobile device or storage medium is lost or stolen

If your computer, mobile device (e.g., iPhone, iPad, Android device) or storage medium (e.g. flash drive, DVD) is lost or stolen, a few things need to be addressed:

  • We need to determine if the device held any confidential or sensitive information.
  • In the case of a stolen device, we need to get the right authorities working on the case.
  • It would be nice if we could recover the lost or stolen computer, mobile device or storage medium.

To address these issues, the University has developed a comprehensive data breach response plan that describes the responsibilities of all of the individuals and departments affected by the potential breach. 

In such cases, anyone who has lost a computer or has had it stolen, should:

  • Contact the OIT Help Desk at (609) 258-HELP immediately so that we can assign the appropriate individuals to address any confidentiality issues that may arise from the loss or theft.
  • If any device was stolen on-campus or if a University purchased device was stolen on- or off-campus, contact Public Safety at (609) 258-1000.
  • If the device was stolen and the theft occurred off-campus, contact the appropriate law enforcement agency.
  • If the device was lost, you are expected to make a reasonable attempt to recover the device.

Click here for additional information regarding your responsibilities in cases where your computer has been lost or stolen.

What to do if you suspect that your computer has been compromised

If your computer begins to exhibit:

  • A sudden reduction in the computers' performance.
  • Unusual behaviors, such as windows briefly popping up and closing down.
  • Application programs terminating and restarting again.
  • Sporadic failed logins, even though you are certain you entered the password accurately.

Your computer may have had malicious software installed by a hacker that can capture sensitive information (including passwords), alter data or disrupt your service.  In many cases, the behaviors may be simply software or key entry errors, but erring on the side of caution is always advised.

To determine if a data breach has occurred and to respond appropriately, the University has developed a comprehensive data breach response plan that describes the responsibilities of all of the individuals and departments affected by the potential breach. 

If any such suspicious activity is detected, it is important to determine whether or not malicious activity has occurred as soon as possible to prevent the loss or exposure of data, so you should take the following steps:

  • If you know your department's IT support person, please contact him or her to check you system.  They will involve the necessary parties in case further follow-up is needed.
  • If you do not know your support person, please call the OIT Help Desk at 258-HELP, and they will ensure that the appropriate individuals are involved.

Click here for additional information regarding your responsibilities in cases where you suspect that your system may be compromised.

What to do if you suspect that University data may have been exposed to unauthorized individuals

If you suspect that University information has been exposed to unauthorized individuals, either through a lost or stolen computer or storage media, or through a computer compromise, a few things must be addressed:

  • We need to determine:
    • the type of confidential or sensitive information that was exposed,
    • whether criminal activity was involved and/or a lack of compliance with University policy,
    • what our obligations are to any individuals affected by the exposure.
  • We need to identify the appropriate individuals in the University community who will interact with the affected individuals, the public, news agencies and law enforcement.

To address these issues, the University has developed a comprehensive data breach response plan that describes the responsibilities of all of the individuals and departments affected by the potential breach.

To ensure that the University data breach response plan is executed in a timely manner, your prompt reporting of the incident to the OIT Help Desk at 258-HELP is critical, so that we can assign the appropriate individuals to investigate the incident and address any confidentiality issues that may arise.

Click here for additional information regarding your responsibilities in cases where you suspect that sensitive information may be compromised.

What to do if you suspect your personal information might have been stolen

If you suspect that your personal information might be stolen by an unauthorized individual, you should:

  1. If the stolen information includes account numbers associated with banks, brokerage firms or other financial institutions (e.g., savings accounts, credit cards, loan accounts, ...), contact the institution immediately, tell them that your personal information has been exposed, and request that the accounts be either closed or placed on a watch list.
  2. If the information includes any passwords to systems, those passwords should be changed immediately.
  3. If any piece of information was exposed that could be used to open financial accounts (e.g., your Social Security Number, date of birth, place of birth, mother's maiden name, bank account numbers, credit card numbers), contact your credit card company or any of the three major credit bureaus and sign up for their credit monitoring service, a fee-based service that will automatically notify you whenever your credit record is accessed. Here are the websites for the three major credit bureaus:
  4. If your information was stolen on campus, contact Princeton University's Department of Public Safety.
  5. If your information was stolen off-campus, contact the appropriate law enforcement authority.
  6. The Federal Trade Commission has a wealth of information regarding identity theft: