Security incident reporting - official channels.
When a security incident occurs, knowing exactly who to contact can make all the difference. A quick-contact guide for the United States, Canada, United Kingdom, Australia and New Zealand, plus the first steps to take before you call.
When to report an incident
If your business experiences any of the following, immediate reporting is recommended:
- Unauthorised access to systems or data
- Ransomware or malware infections
- Data breaches or data theft
- Phishing attacks that compromised credentials
- Suspicious network activity or unexpected system behaviour
- Lost or stolen devices containing sensitive information
- Insider threats or policy violations with security implications
Step 1 - document it internally
Before contacting external authorities, capture these essentials:
- Date and time of discovery
- Systems, data or services affected
- An initial assessment of impact
- Actions already taken to contain the incident
- A point-of-contact for the response
Step 2 - contact the right authority
Select the agency based on your location and the nature of the incident. The official channels are below.
For help with your account or your monitoring, reach our team any time.
- Email: hello@uplinkd.com
- AU phone: +61 3 9000 0201
Who to contact, where you are.
These are the national cyber and cybercrime reporting bodies. In an active emergency that threatens life, always call your local emergency number first.
United States
- 24/7 hotline: 1-888-282-0870
- Report incidents: report@cisa.gov
- Online: myservices.cisa.gov/irf
- Internet Crime Complaint Center: ic3.gov
- Field offices: find your local office
Canada
- Phone: 1-833-CYBER-88 (1-833-292-3788)
- Email: contact@cyber.gc.ca
- Online: cyber.gc.ca
- Phone: 1-888-495-8501
- Online: report fraud
United Kingdom
- Online: ncsc.gov.uk
- Phone: 0300 123 2040
- Online: actionfraud.police.uk
Australia
- Phone: 1300 CYBER1 (1300 292 371)
- Online: cyber.gov.au
- Enquiries: 1300 363 992
- Online: oaic.gov.au
New Zealand
- Phone: 0800 CERT NZ (0800 2378 69)
- Online: cert.govt.nz
Regulated? You may have to report there too.
On top of the national channels, some sectors have their own mandatory reporting, often with strict timelines.
Financial services
- USA: FinCEN
- Canada: OSFI
- UK: Financial Conduct Authority
- Australia: APRA
- New Zealand: Financial Markets Authority
Healthcare
- USA: HIPAA breach notification
- UK: NHS Digital
- Australia: Australian Digital Health Agency
- New Zealand: Ministry of Health
Handle it well and it costs you less.
Business impact
- Regulatory requirements: many jurisdictions have mandatory reporting with strict timelines.
- Legal implications: proper reporting can provide legal protection and demonstrate due diligence.
- Insurance: most cyber policies require prompt notification to keep coverage valid.
- Reputation: handling reporting well limits the reputational damage of a breach.
Prepare before it happens
- Develop an incident response plan before an incident occurs.
- Establish clear reporting chains within your business.
- Document all security incidents, even the ones that seem minor.
- Train staff to identify and report security events.
- Keep communication templates for different incident types.
- Maintain a contact list of the relevant authorities and stakeholders.
After you have reported
- Continue to document all activities and findings.
- Preserve evidence following proper forensic procedures.
- Communicate with your teams following your response plan.
- Run a post-incident review to identify improvements.
- Make sure you have continuous monitoring so the next one reaches you first.