Aim: Explain what to do when your electronic work facility (laptop, PC, tablet or mobile phone) has been lost or stolen.
Always take the following actions, as soon as possible!
Summary of actions
- Report the loss or theft via an email to firstname.lastname@example.org;
- Change your Nikhef passphrase via our SSO page;
- Consider changing passphrases for other (private) accounts too.
If your electronic work facility was lost or stolen, inside or outside of Nikhef, please contact the Nikhef privacy/security team as soon as possible via an email to email@example.com. Please include in the report what happened and how you can be contacted.
The Nikhef privacy/security team will then ask you some questions about the data that were present on the device and the protection of the device. This information allows them to determine whether the loss or theft should be considered as a data leak.
If there is indeed a data leak, Nikhef / NWO-I is required to report the incident to the Dutch Autoriteit Persoonsgegevens within a short time after the loss or theft was detected. Failing to report in time may lead to a fine for Nikhef / NWO-I. It is therefore mandatory that you inform the privacy/security team as soon as possible!
Preventing further damage
It is also important to make sure that whoever got hold of your electronic device cannot use it to access your information or use your accounts on the device to access other services. Therefore you should change your Nikhef account passphrase immediately via our SSO page.
This step ensures that others cannot access your email, files at Nikhef's storage systems or other services like UBW, SURFdrive or Jira.
If your device had (Grid) certificates or private (ssh) keys, inform the privacy/security team about that. They can help to revoke the certificates or make sure the private keys cannot be used.
If your device contained access to other services, private or work-related, you may want to change the passphrases for such accounts too.