Data breach

A data breach can occur in a number of ways, for example, where:

1. there has been the physical loss of a device or documents
2. suspicious activity or a cyber security incident is identified
3. mistaken communications have occurred (e.g. email sent to the wrong email recipient)
4. there has been a system error.

Staff must report any actual or suspected data breach promptly, including:

• to privacy@uq.edu.au
• if the data breach may also be a potential cyber security incident, through the Tell us about a cyber security concern or incident website.

UQ has legal obligations to contain and mitigate a data breach so it is important that staff seek advice on how best to do that. Refer to the Data Breach Procedure for additional information.