Incident and Breach Reporting

Welcome to the Western University’s Incident and Breach Reporting site, your central hub for reporting and understanding various types of incidents that may occur within our university community.

We are committed to ensuring the security and privacy of our students, faculty, staff, and sensitive information. Below, you will find clear guidelines on how to report different types of incidents and the steps to follow in case of a breach.

Reporting an Incident or Breach

If you suspect or witness any incident related to cybersecurity, cardholder data, or privacy breaches, or obtained information from a third party, please use the appropriate reporting channels below. Your vigilance plays a crucial role in maintaining a secure university environment.

Prompt reporting enables the University to respond, contain, and mitigate potentially damaging outcomes, and determine if sensitive data is at risk.

Do not delay in reporting an incident or breach even if you do not have all the information! 

Identify the Type of Incident

Refer to the following to categorize the incident correctly

- Cybersecurity Incident:

A Cybersecurity incident involves either the loss of data or unauthorized access to data and systems due to actions by a threat actor, malware, or security gaps.

These incidents intentionally compromise solutions at Western University or within our cloud service providers. When such incidents occur, it is crucial to escalate them promptly to WTS.

  • Contact WTS Help Desk immediately for all information security incidents.
  • Call the WTS Help Desk at 519-661-3800 or submit a Jira ticket at any time.

- Privacy Breach:

A privacy breach is an incident involving the unauthorized collection, use, access, or disclosure of personal information. There can be internal breaches (within Western University) or external breaches (with third party service providers).

"Personal Information" is defined as recorded information about an identifiable such as race, gender, home address, medical history, education history, identifying numbers (e.g. SIN, employee number, student number, etc.), financial or employment information, personal opinions, completed assignments and exams, and grades, comments and evaluations provided by an instructor.

  • Immediately contact and Inform your Dean, Chair or Supervisor with the following details (if available):
    • The nature of the personal information involved (e.g. name, SIN, etc.)
    • The number (potential or actual) of individuals affected by the breach and who they are.
    • The possible scope of the breach (e.g. internal/external - who might have gained access to the personal information without consent or authorization, length of time before detection of breach, etc.)
    • The date and/or location of the incident giving rise to the breach and
    • When and how the breach was discovered.

- Cardholder Data related Incident: (for Western Merchants only)

An incident involves the unauthorized collection, use, access or disclosure of any cardholder data. A merchant who suspects or confirms unauthorized access to any payment system that collects, transmits, processes, or stores cardholder data, is required to report the incident.

This includes technical breaches of internal applications/systems or third-party service providers, point of sale (POS) devices, tampered forms or documentation.

  • Contact the Bank Card Committee Response Team with details of the incident. Provide information on payment transactions, POS devices, applications/systems, third-party service provider and unauthorized transactions.
  • Theft or tampering of the devices that collect, transmit or store card holder data should also be reported to Campus Safety and Emergency Services as soon as discovered. Call 519-661-3300, or dial campus ext. 83300

- If you are not sure:

  • Please contact help desk for all other information security incidents. Call the WTS Help Desk at 519-661-3800 or submit a Jira ticket at any time.

Contain and Minimize the Breach

  • Take steps to stop or minimize breach, where possible.
  • Follow the instructions provided by the respective response teams to contain and minimize the impact of the incident.
  • Provide accurate information and assist in the investigation process.

Learn and Prevent

  • Implement best practices to enhance cybersecurity, data protection, and privacy measures.
  • Engage in post-incident reviews to assess the response process.

For Emergencies and Immediate Assistance.

If you notice any suspicious activity anywhere on campus, contact Campus Safety and Emergency Services at 519-661-3300, or ext. 83300.

Published on  and maintained in Cascade.