Report a Stolen or Lost Device | Information Security Office

Take the following steps if your laptop, tablet, or phone has been stolen or lost.

Change Passwords

The first step should always be to change the passwords, passphrases, and keys for all sensitive accounts you access with the device. Only change passwords on a trusted or 'known' computer, if you are unsure if you can trust the computer you are using, ask your IT support staff.

CalNet passphrase: https://bpr.calnet.berkeley.edu/account-manager/.
Any other passwords/passphrases with access to campus systems hosting or transmitting Protected Data that don't require CalNet authentication.
Google apps keys for bConnected and eduroam Wi-Fi network: https://wifi-keys.berkeley.edu/.
All other passwords/passphrases for personal accounts that you may have accessed from or stored on the device.

Report the Theft/Loss

If the device is the property of UC Berkeley, used for university business, or accesses university data, report the incident to:

UC Berkeley Police Department
1. Visit https://ucpd.berkeley.edu/make-report
2. Get a case number
Contact your IT support (most often IT Client Services), to help you gather the following information:
1. Device serial number and model name/number
2. MAC address of the device
3. Was the device backed up?
4. Was the device part of the Campus Active Directory?
5. Did the device have full disk encryption?
Then email the Information Security Office (security@berkeley.edu) with the following information:
1. The timeframe of the theft/loss
2. Date and time when you changed your CalNet password after the theft or loss
3. The location (jurisdiction) of the report you filed
4. Include the case number of any filed reports
5. Was the device property of UC Berkeley?
6. Was there any protected data stored on the device? (https://security.berkeley.edu/data-classification#table)
7. Was there any human subject research data stored on the device? (https://cphs.berkeley.edu/review.html)
8. What campus shared systems (applications, servers, databases, etc.) did you access from this device?
9. Did the device store data that was governed by a Data Use Agreement, Confidentiality Agreement, Non-Disclosure Agreement, or another contract with a third party?
10. The information from #2 above

Quick Links

Report a Security Incident ⇢
How to report Security Incidents such as an intrusion, breach, and computer/network misuse

Respond to a Security Notice ⇢
How to respond if you have received a security notice from the Information Security Office

Report a Stolen or Lost Device ⇢
Steps to take if your laptop, tablet, or phone has been stolen or lost

Request a Policy Exception ⇢
Instructions to request an exception to the campus minimum security standards

Submit an Off-Site Hosting Request ⇢
Request to host data services off-campus with a third-party service provider