Report Cybersecurity Incidents - Phoenix City Ordinance

Technology and Data Arizona 3 Minutes Read ยท published February 05, 2026 Flag of Arizona

Phoenix, Arizona residents, contractors, and city employees should report any suspected cybersecurity incident that affects City of Phoenix systems or data as soon as possible. This guide explains who to contact, typical city enforcement pathways, immediate actions to preserve evidence, and how to appeal or seek review. It consolidates official City of Phoenix reporting channels and explains what the city publishes about penalties and processes.

What to report

Report events that may compromise confidentiality, integrity, or availability of city systems or data: unauthorized access, ransomware, data exfiltration, suspicious accounts, or malware on city-managed devices.

  • Unauthorized access to city networks or accounts.
  • Evidence of data export, leaks, or unknown data transfers.
  • Ransomware or system-encrypting malware on city servers or devices.
  • Suspicious communications posing as city staff asking for credentials.
Report early to limit damage and preserve forensic evidence.

How to report

Use official City of Phoenix Information Technology reporting channels first for incidents involving city systems; if a crime has occurred, also notify the Phoenix Police Department. Contact the city IT team via the official Information Technology page City of Phoenix Information Technology[1] and notify Phoenix Police if you believe criminal activity occurred Report a Crime - Phoenix Police[2]. Provide a clear summary, affected systems, times, and any preserved logs or screenshots.

Penalties & Enforcement

The City of Phoenix does not publish specific municipal fines for cybersecurity incidents on its public IT reporting pages; monetary penalties and escalation details are not specified on the cited pages. Enforcement generally involves the City of Phoenix Information Technology team for containment and mitigation, and the Phoenix Police Department for criminal investigation where appropriate.

  • Fine amounts: not specified on the cited page.
  • Escalation and repeat-offence schedules: not specified on the cited page.
  • Non-monetary actions: account suspension, forced password resets, disabling access, system isolation, and system restoration orders.
  • Criminal referral: incidents with evidence of criminal activity may be referred to Phoenix Police for investigation and to state prosecutors.
  • Enforcer and contact: City of Phoenix Information Technology and Phoenix Police Department; see Help and Support / Resources below.
Specific fine amounts and appeal time limits are not published on the city's IT reporting pages.

Applications & Forms

No public incident-reporting form for city cybersecurity incidents is published on the City of Phoenix Information Technology pages; submission appears to be via contact channels listed on those pages or by contacting Phoenix Police for crimes. For official forms or documented submission methods, consult the listed department pages below.

Immediate steps to take

  • Isolate affected devices from networks if safe to do so to prevent spread.
  • Preserve logs, screenshots, and evidence; do not power-cycle servers unless instructed by IT for forensic reasons.
  • Notify City of Phoenix Information Technology and provide a concise incident timeline.
  • If criminal activity is suspected, contact Phoenix Police to file a report.
Avoid altering evidence; preserve files and logs for forensic review.

FAQ

Who should I contact first for a suspected incident affecting city systems?
Contact City of Phoenix Information Technology via the official IT page; if you suspect a crime, also contact Phoenix Police to report it.
Are there published fines for cybersecurity incidents under Phoenix city code?
Specific municipal fines related to cybersecurity incidents are not specified on the cited City of Phoenix IT pages; consult enforcement contacts for case-specific outcomes.
Can I appeal enforcement actions or penalties?
Appeal or review procedures and time limits are not specified on the cited pages; ask the enforcing department for written appeal instructions when notified of an action.

How-To

  1. Document the incident: record times, affected systems, user accounts involved, and gather screenshots and logs.
  2. Contact City of Phoenix Information Technology through the official IT page and provide the documented details and available evidence City of Phoenix Information Technology[1].
  3. If you suspect criminal conduct (theft of data, extortion, or unauthorized access), file a report with Phoenix Police Report a Crime - Phoenix Police[2] and provide the incident number to city IT.
  4. Follow instructions from city IT for containment, forensic preservation, and remediation; keep records of all communications for appeals or insurance.

Key Takeaways

  • Report quickly to limit harm and preserve evidence.
  • City IT handles containment; Phoenix Police handle criminal investigations.

Help and Support / Resources

  1. [1] City of Phoenix Information Technology - Official page for IT services and contacts.
  2. [2] Phoenix Police - Report a Crime page for filing criminal reports.

Categories

General Governance and Administration Public Safety Public Health and Welfare Land Use and Zoning Housing and Building Standards Transportation Environmental Protection Parks and Public Spaces Business and Consumer Protection Taxation and Finance Labor and Employment Education Civil Rights and Equity Elections and Campaign Finance Events and Special Uses Signs and Advertising Utilities and Infrastructure Technology and Data