The Data Incident Response Team (DIRT) assists with recovery from information security breaches. When a compromise is suspected, a report is sent to DIRT, whose responsibilities are to:

• Alert: Immediately notify all members of the team that a possible incident occurred. Subsequently, keep the team members aware of the status of the incident.
• Respond: Get in touch with the contact person for the machine in question—if related to an electronic data incident—to remove it from the network.
• Investigate: Determine as soon as possible the full scope of the incident: what types of information were involved, the cause of the problem, and if information has been exposed.
• Notify: If an incident leads to exposure or if the team has reason to believe that information was acquired or used by unauthorized persons for an unauthorized purpose, the team initiates appropriate notification processes, in accordance with relevant laws, regulations, and contract requirements, so that counter-measures can be taken to protect the affected individuals against fraud and identity theft.
• Document: Any actions taken in connection with an incident are documented and a post-incident review of events is conducted in order to record changes in business practices relating to the protection of Institute information.

Contact the team at infoprotect@mit.edu
Coordinator: Jessica Murray