14 April 2021

Do you suspect a data breach? Contact CERT immediately

Have you ever forwarded an e-mail to the wrong student or lecturer? Or accidentally been able to view (personal) data that you probably shouldn't have? That can already be a data breach!

Personal data in the wrong hands

A data breach is not just about hacks or phishing, but can also take place on a much smaller scale. It concerns a situation in which personal data can fall into the hands of someone who should not have access to it. Think for example of a USB stick lying around, a paper participant list of a training course, a cyber attack, an e-mail with the wrong recipient, but also stolen hardware.

Always report to CERT within 72 hours

What do you have to do in case of a data breach? Always report a (suspected) data breach to the Computer Emergency Response Team (CERT-UU) via cert@uu.nl. In this way we work together to protect our personal data.  Often a data leak must then be reported to the Dutch Data Protection Authority (DDPA, Autoriteit Persoonsgegevens), the national privacy supervisor. The AVG prescribes that this must be done within 72 hours - weekends or public holidays just count in this case. Speed is therefore important!

CERT-UU can be reached seven days a week from 8.30 a.m. to 11 p.m. by e-mail at cert@uu.nl or (in urgent situations) by telephone at (030) 253 5959.