Report Cybersecurity Vulnerabilities - Fresno City Law

Technology and Data California 3 Minutes Read · published February 08, 2026 Flag of California

If you discover or suspect a cybersecurity vulnerability affecting Fresno, California city systems, act promptly to protect data and services. This guide explains who enforces city IT rules, how to report incidents, what penalties or remedies may apply, and the practical steps to preserve evidence and escalate safely.

Penalties & Enforcement

The City of Fresno addresses cybersecurity incidents through its Information Technology Services (ITS) department and law enforcement when criminal conduct is involved. Specific monetary fines or per-day penalties for cybersecurity vulnerabilities are not specified on the cited pages. [1] Enforcement and investigation may involve multiple offices, including ITS, Fresno Police, and the City Attorney.

  • Enforcer: City of Fresno Information Technology Services for system-level issues; Fresno Police Department for suspected criminal activity.[1]
  • Complaint pathway: report incidents to ITS and to Fresno Police if data theft or unauthorized access is suspected.[2]
  • Fines: not specified on the cited page; see municipal code for ordinance procedures and penalties where applicable.[3]
  • Appeals and review: procedures for administrative review or appeal of city actions are governed by the municipal code or specific department rules; detailed timelines are not specified on the cited pages.[3]
Non-monetary remedies can include orders to remediate, suspension of system access, or referral for criminal prosecution.

Applications & Forms

The City does not publish a public ‘‘vulnerability disclosure’’ form on the ITS page; report incidents following ITS contact instructions or file a police report as appropriate. For published application forms or permit numbers related to IT access, none are listed on the cited ITS page. [1]

How to report suspected vulnerabilities

Follow these practical action steps to report safely and preserve evidence.

  1. Document: record dates, affected systems, screenshots, and steps to reproduce without exploiting the vulnerability.
  2. Contact ITS: notify City of Fresno Information Technology Services with your documented information and contact details.[1]
  3. If criminal activity is suspected, file a report with Fresno Police Department to preserve chain of custody.[2]
  4. Follow instructions: cooperate with ITS or investigators; avoid public disclosure until the city has assessed and mitigated risks.
  5. Follow up: if you do not receive acknowledgement, send a courteous follow-up to the listed contacts and note dates of communication.
Preserve logs and avoid active exploitation to prevent legal exposure and data loss.

Common violations and typical outcomes

  • Unauthorized access to city systems — may trigger criminal investigation and administrative sanctions.
  • Failure to disclose a known vulnerability when required by contract — may lead to contract remedies or fines under procurement rules.
  • Poor patching or configuration — typically remediated by ITS; monetary penalties are not specified on the cited pages.

FAQ

Who should I contact first?
Contact City of Fresno Information Technology Services with your documented findings; if you suspect criminal activity, also contact Fresno Police.[1][2]
Will I face penalties for reporting?
Good-faith reporting is encouraged; the cited pages do not list penalties for reporters acting in good faith. If you accessed systems without authorization, potential legal consequences are determined by law enforcement and municipal rules.[3]
Is there a public bug bounty or disclosure policy?
No public bug bounty or formal vulnerability disclosure policy is published on the ITS page as of the cited source.[1]

How-To

  1. Prepare a concise report with dates, affected endpoints, and non-sensitive reproduction steps.
  2. Send the report to ITS using the contact details on the City of Fresno ITS page and request confirmation of receipt.[1]
  3. If data loss or theft is apparent, file a police report with Fresno Police and provide your documentation.[2]
  4. Retain copies of all communications and logs; comply with any lawful instructions from ITS or investigators.
  5. If the city takes administrative action you disagree with, consult the municipal code for appeal rights or contact the City Attorney; specific timelines are not specified on the cited pages.[3]

Key Takeaways

  • Report suspected vulnerabilities to ITS promptly and avoid public disclosure.
  • Involve Fresno Police when criminal activity or data theft is suspected.
  • Preserve logs and communications to support any investigation or appeal.

Help and Support / Resources

  1. [1] City of Fresno Information Technology Services
  2. [2] Fresno Police Department
  3. [3] Fresno Municipal Code (Municode)

Categories

General Governance and Administration Public Safety Public Health and Welfare Land Use and Zoning Housing and Building Standards Transportation Environmental Protection Parks and Public Spaces Business and Consumer Protection Taxation and Finance Labor and Employment Education Civil Rights and Equity Elections and Campaign Finance Events and Special Uses Signs and Advertising Utilities and Infrastructure Technology and Data