It's any event where McGill IT-provided services are abused, misused, or leveraged in some way to threatens the security, privacy, or functionality of McGill IT systems, the data they store, and the people who use them.

It's crucial to report these types of incidents as soon as possible so the impact can be assessed, and appropriate measures can be taken to protect the McGill community and prevent these sorts of incidents from recurring. The incidents and categories below are intended as examples. They’re by no means exhaustive, so when in doubt, report!

---

General IT Security Incidents

• A McGill account(s) becoming compromised*. Attackers use compromised accounts for many different types of malicious activities, including:
  • sending out spam and phishing.
  • gaining access to systems that store personal and/or sensitive information.
• A McGill website that’s been compromised and/or defaced.
• Work devices infected with malware, including viruses or ransomware.
• Suspicious emails or other digital content targeting McGill users. For more details, see Report suspicious emails.
• Suspicious physical media or devices located on campus. For example, posters or stickers with malicious links or QR codes, abandoned USB keys, or laptops.
• Lost or stolen devices.

 

*When an account is referred to as "compromised", it means that it has been accessed without the owner's permission. Logins from new devices, locations, or browsers could indicate a compromised account.

---

Online Incidents with a personal focus

If these types of incidents occur through any McGill IT-provided services or equipment, such as McGill Wi-Fi, email, Teams, public computers, or by leveraging McGill data, they should be reported.

• Harassment or cyberbullying
• Threats to self-harm
• Threats to harm or abuse others (through physical, reputational, financial, or other means).
• Doxxing, e.g. to “publicly identify or publish private information about (someone) especially as a form of punishment or revenge” (source: Merriam-Webster.com).
• Non-consensual publishing, dissemination, or receipt of explicit content such as pornography or violent imagery.

---

Unauthorized use or access of McGill resources, devices, and/or data. This includes:

• Intentionally sharing your McGill credentials with another individual.
• The sharing of files containing personal or confidential information with a broader audience than was intended. This can be accidental or intentional. For example,
  • When browsing a McGill website, you notice that you can open a file with personal information that you shouldn’t be able to access.
  • Sharing Banner data with a fellow employee who can’t access Banner.
• Misuse of McGill IT-provided resources for personal gain or in ways that go against policies and regulations. For example:
  • mining cryptocurrencies on the McGill network,
  • downloading, sharing, or storing pirated or illegal content,
  • using McGill contact lists for non-McGill activities.
• Storing McGill data in solutions that have not been vetted and approved by McGill to ensure that they have proper data protection policies, security controls, and comply with regulations.

---

Lost or stolen devices 

For lost or stolen devices, contact McGill Security Services at 514-398-3000, or visit the Security Services Lost and Found site.

Please also contact the IT Service Desk as soon as possible if the device in question is:

• a McGill-provided device, or
• a personally owned device that had McGill data stored on it or saved McGill credentials that the thief could use to gain access to McGill systems.