Data Breaches

Person typing on laptop, a console with code visible on the screen

A security breach or cyber attack is any incident that results in the unauthorized access of your data, applications, services, networks and/or devices by bypassing the underlying security mechanisms. A breach can result in the loss or theft of your data or serious or permanent damage to your system. Breaches are a very serious matter and require immediate attention following a strict protocol.

Act Fast!

If you know or suspect a breach has occurred involving your information, contact the Information Security Office (ISO) immediately. The ISO will help you:

  • Identify and contain the breach
  • Understand the laws and regulations regarding required reporting
  • Assist you in adjusting your procedures to avoid future issues

Contact an Information Security Officer

Contact the ISO via at or call 408-924-1705.

NOTE : If you in any way feel physically threatened or have a crime to report contact University Police at 408-924-2222 or

Security Breach Notifications (SB 1386 Compliance)

The university's practice is to disclose any breach of system security to all affected individuals (not only California residents as required by law) whose unencrypted Level 1 personal information was, or is reasonably believed to have been, acquired by an unauthorized person.

All individuals (student, faculty, staff, consultant, contractor or any other individual) with access to confidential information are responsible for immediately reporting a security breach. For further information, review the CSU Information Security Responsible Use Policy [pdf].

If it has been determined that unencrypted Level 1 personal information was or is reasonably believed to have been acquired by an unauthorized person due to a security breach, the campus Information Security Office will work with the department to develop an appropriate notification to the affected individuals based on each specific situation.