Security breach

RULE: If you experience a security breach

AU strives to maintain a high level of security, but in rare cases there are still breaches of security. You have a duty to report any security breaches you become aware of.

A security breach could be:

  • Potentially compromising information sent to an actual recipient
  • Potentially compromising information sent to the wrong recipient
  • Accidental publication of information
  • Hacking
  • Loss or theft.

Report security breaches here.

TIP: If you experience a security breach

If you see something, say something. It’s better to report an incident once too often than once too little. Therefore, report any cases where you are in doubt as to whether there has been a security breach.

TIP: Use the whistleblower scheme

If you suspect or have knowledge of illegal activities or other serious circumstances that compromise information security, you can also use the AU whistleblower scheme.

TIP: Spot a phising e-mail

TIP: Spot a phishing email

Phishing emails often have specific characteristics. Here are some of them.

Keep your NemID and passwords to yourself

  • Aarhus University, Nets and other legitimate banks, companies and government authorities will never ask you for your personal passwords, NemID code card or the like. If you receive a request to provide this kind of information, do not respond.

 ​​​​​​​Be careful about clicking links in mails and text messages

  • Scammers are good at making mails and text messages look genuine. If you are in doubt, check the official website of the sender. 

Look for clues that unmask a scammer

  • Cybercriminals will try to entice you to click links or open attached files. But there are a number of clues that will reveal these fakes: If you hover the mouse over a link in a mail, you can see where the link will take you if you click it. Instead of clicking the direct link to the sender’s website, find the official website online and use the search function to see if you can find the same content.

Check the sender

  • When you receive an email, hover your cursor over the sender's name to see the email address.
  • If you suspect that the sender of an email might be a scammer, do an internet search and check the email address or telephone number to make sure the information is correct. Or contact the company or government authority via their official website or telephone number and confirm that the email is genuine.
  • Phishing emails can also be 'disguised’ as internal emails. Scammers can easily create email addresses that resemble AU email addresses. Be aware of slight spelling errors in the name of the email domain, i.e. what comes after @. For example, '' instead of ''.  

Count to ten before you click

  • Scammers often try to get you to act quickly. If you get an unsolicited mail or text message, it’s a good idea not to respond immediately: wait until you have time to think twice before you answer.

See also guidelines on how to report phishing emails in Outlook

TIP: If you lose your AU equipment

See this guide on stolen or lost equipment.