What do I do when a computer is stolen?

Summary

What steps do we need to follow when reporting the theft of university property/computers?

Environment

Any U-M owned computer asset or other property

Directions

If a university computer is stolen perform the following steps:

  1. Call the local authorities. The user (complainant) should immediately call the local non-emergency police number where the theft occurred. For example, if the incident happened on the U-M campus, they should call the U-M police at 734.763.1131. If the incident happened off campus in Ann Arbor, they should call the Ann Arbor police at ​734.994.2911. LSA TS requires a police report in order to process the theft for the following reasons:
    • We will need to give our inventory information to the police in order to help them identify the stolen device.
    • We can check our servers to see if the stolen item has checked in to any of them after the time of the reported incident. This sometimes provides us with an IP address which can help us locate it (such as the UmichITAM Keyserver, SCCM, Zabbix, or Izzy).
    • We need the complaint number in order to replace the computer through U-M insurance. There is a $1,000 deductible for thefts when replacing stolen equipment. More information for filing a Risk Management claim can be found here.
       
  2. Create a ticket. Send email to LSATechnologyServices@umich.edu and provide the following information:
    • Identify the level of risk to the university by visiting the Safe Computing site and comparing the type of data on the computer according to the risk level descriptions.
    • What day and time did the theft occur?
    • Where did the theft occur (room number/building/address)?
    • What was the name of the reporting officer?
    • What is the officer’s contact information (email, phone, badge number)?
    • What is the complaint number/police report?
    • What sort of data was on the computer (personal/student/subject/...)?
    • If there was study data on the computer, was the data encrypted or de-identified?
Print Article