Report an incident

Report a security incident – quickly and effectively

If you have become a victim of an attack, please contact us. We will provide you with assistance and all the necessary advice. Follow the instructions below.

bezpieczenstwo@agh.edu.pl

Contact us

men_talking
zmartwiony_mezczyzna

Report an attack

Find out how to report

zmiana_hasla

Change your password 

Find out how to change it

zastrzeganie_dokumentow

Secure your documents

Find out how to secure

1. Report an attack to us

Anyone who becomes aware of an incident is required to report it to the Information Security Centre (CBI). To report security incidents, please contact us via one of the channels listed below.

Find out what the application should include

By email

security@agh.edu.pl

By phone

 +48 12 328 34 48 (for calls from the D17 building’s telephone network: 448) between 8:00 and 16:00 – temporarily unavailable)

In person

Władysława Reymonta 23, 30-059 Kraków (D-8), 7th floor, room 718B 
between 8:00 and 16:00

Are you able to provide an initial assessment of the incident?

Please inform the appropriate department:

  • IT Helpdesk – in case you detect irregularities in central IT systems, e.g., email accounts, university-wide services
  • System administrator - if irregularities are detected in the operation of a local (i.e., concerning one unit or department of the university) IT system
  • Network Administrator - in case of detection of irregularities in the operation of the Unit's network
  • Local Information Security Administrator or Data Protection Officer - in case there is a suspected breach of personal data security

Zajdź LABI w swojej jednostce

  • Security, law enforcement or emergency services -when there is a physical threat or a threat to human health and life.

Contact AGH Campus Security

2. Change password to account

If the attack carried out has exposed information such as login and password for your mail account or any other account, you should change it as soon as possible. In the case of mail, this is done through the site poczta.agh.edu.pl website and in the top menu Settings=> Password.

Note: Do not use any links provided in the fake news.

3. Reserve the documents that have been disclosed

If the attack involved your identity documents (e.g., ID card, passport, driver's license) and you have provided the attackers with data from them or their photographs, you can keep such documents frozen.

Cancellation of identity card

Also inform your bank about the loss of the document. If you have disclosed payment card data or made payments to the attackers' account, also inform your bank as soon as possible. This will later be the basis for a complaint and possible recovery of money. 

We also recommend reserving your PESEL number.

Reservation of PESEL number

What the notification should contain?

  • Name, email and, if possible, business phone number of the reporting person
  • A detailed description of the incident - what happened, what are the consequences, whether the security of personal data may have been compromised (e.g., through data leakage), the scale of the incident.
  • How the incident was detected.
  • How the breach may have occurred (if the notifier has such knowledge).

If the message needs to be encrypted, you can use our PGP key:

Download the PGP key

If you report an email to us, we recommend saving the suspicious message in .eml format to facilitate analysis. You can do this through the "Save As" option available in most email clients. Then please send us this message as an attachment.

thunderbird

In the upper right corner (above the message) More => Save As

thunderbird_2

Right click on the message in question => Save as... 

outlook

In the middle, upper right corner of the message window, click the "message with note" sign => "Forward as attachment"

roundcube

Click on the gear wheel in the top menu => Download (.eml)

We wish to inform you that the organisation does not have a bug bounty programme in place.