Report an Incident

The Information Security Office (ISO) responds to and investigates information security incidents related to misuse or abuse of university information and information technology resources. An information security incident is defined as an event—whether electronic, physical, or social—that adversely impacts the confidentiality, integrity, or availability of University of Miami data or information systems; or a real or suspected action, inconsistent with University of Miami Information Technology (UMIT) policies.

Reporting an Information Security Incident

Information security incidents can be reported to the Information Security Office (ISO) by emailing:

Reporting Spam, Phishing, or Email Abuse

Unsolicited spam email and phishing scams targeting University of Miami faculty, staff, or students should be reported ASAP!

If you suspect a message to be a phishing attempt, you can quickly report it using Outlook's "Report Phish" feature. If you are not using Outlook or the feature is not available, you can forward the phishing email (as an attachment) to

Reporting HIPAA Violations or the Exposure of Restricted Data

HIPAA (Health Insurance Portability and Accountability Act) violations or the potential unauthorized exposure of UM restricted data such as Protected Health Information (PHI) or Personally Identifiable Information (PII) must be reported to the University of Miami's Office of Privacy & Data Security.

Office of Privacy & Data Security:

Reporting Unusual Activity

If your device is not acting as expected, or if you suspect your account has been compromised, please change your password immediately. Then, contact the IT Service Desk to submit an incident ticket. This will ensure that a IT team member is assigned to your case and will arrange to further investigate. 

IT Service Desk:

Coral Gables/Marine