Skip to ContentSkip to Navigation
About us Policy and strategy Privacy & Security bij de RUG

Reporting a cybersecurity incident or data breach

Have you seen or experienced something amiss? Think, for example, of phishing activities, misuse of your account or connection, a possible hack, or theft or loss of a computer, laptop, USB stick, tablet, smartphone, or files.

Even if you are not sure, please report it immediately!
Mail us: cert security.rug.nl

What is a cybersecurity incident?

A cybersecurity incident is a situation involving a breach of the security of the UG’s information systems and the data stored within them. For example:

  • Your laptop, tablet or smartphone was stolen or you lost it.

  • You have clicked on an email, thereby opening a virus on your computer.

What is a data beach?

A data breach is a situation in which the security of personal information has been violated.

For example:

  • An employee has had access to a student file to which they did not need to have access at all.

  • You receive an email from a colleague that contains the grades of students and it was not meant for you.

  • The addressees of an email newsletter are listed in the CC field rather than the BCC field.

Some of these examples may seem rather innocent. However, the consequences may be huge. For example, a combination of a name, date of birth, and BSN falling into the wrong hands can result in identity fraud.

What will happen with my report?

Each report is immediately assessed by the University Security Team (the CERT), which will subsequently take action depending on the nature of the report. The University Procedure for Reporting Data Breaches serves as a guide. All reports are treated confidentially.

Which other steps can I take?

The first step should always be to report immediately to the Security Team by sending an email to cert security.rug.nl.  

If your account details have fallen into the wrong hands, you should immediately change your passwords for all websites to which you log in using the user name and password in question. You can also report to the police.

If bank-related matters, such as your PIN or credit card number, are involved, you should contact your bank to block your account or card.

If you suspect that you have received a phishing email, and you need help or advice, please contact the CIT Service Desk.

Last modified:23 January 2023 11.30 a.m.
View this page in: Nederlands