Report a Data Breach to Los Angeles City Officials

In Los Angeles, California, city departments require prompt reporting of incidents that may expose personal data. This guide explains how to notify city officials, which offices respond, basic timelines, and immediate steps to preserve evidence and limit harm. Use the contacts and forms listed to submit an official report and follow up with departments that enforce city policies and coordinate legal or law enforcement referrals.

Who to notify

City-level response is typically coordinated by the Information Technology Agency (ITA) for technical incidents and the City Attorney for potential legal issues. For incidents affecting city systems or data, notify the ITA security contacts and the City Attorney's office as applicable. You can begin an official ITA incident report via the agency's reporting channel Report Security Incident^[1]. For state-level guidance on data breach notification obligations under California law, consult the California Attorney General’s data breach page California Attorney General - Data Breaches^[2].

Penalties & Enforcement

Penalties for failing to report or for violating data-protection obligations involving city-held data depend on the applicable municipal rules, contracts, and potentially state law. Specific fine amounts or per-day penalties are not specified on the cited city reporting page and must be determined from the controlling ordinance or contract language cited by the enforcing office. Remedies can include administrative orders, requirements to remediate security gaps, contract damages, civil enforcement by the City Attorney, and referral to law enforcement for criminal conduct.

• Fine amounts: not specified on the cited page; check contract or ordinance cited by the enforcing department.
• Escalation: first, repeat, and continuing offences procedures are set by the enforcing authority and are not specified on the cited page.
• Non-monetary sanctions: remediation orders, injunctive relief, suspension of access or contracts, and civil litigation.
• Enforcers and contacts: Information Technology Agency and the City Attorney; incident intake via ITA reporting link and City Attorney intake channels City Attorney.
• Appeals and review: appeal routes vary by enforcement instrument; time limits for administrative reviews or civil appeals are determined by the specific code section or contract—if not listed, they are not specified on the cited page.

Applications & Forms

The ITA provides an incident report intake process; a named "Security Incident Report" form or portal is referenced on the ITA reporting page. If no form is required, the ITA page may provide an email or portal upload mechanism. For legal notices that may be required to affected individuals or regulators, consult the City Attorney and the California Attorney General guidance linked above.

How to preserve evidence and initial actions

Take immediate containment and preservation actions before submitting a full report: isolate impacted systems, preserve logs, capture timestamps, and document what data types were involved. Preserve chain-of-custody for any exported evidence and record who had access.

• Containment: isolate systems and change credentials where appropriate.
• Evidence: preserve logs, backups, and timestamps.
• Documentation: record discovery time, scope, and actions taken.

Action steps - immediate to 72 hours

1. Identify affected systems and data categories and contain the incident.
2. Notify ITA through the official reporting channel and inform your department leadership.
3. Preserve evidence and prepare a factual incident summary for submission.
4. If personal data of residents is affected, follow guidance for notifications to affected individuals and regulators as coordinated with the City Attorney and per California guidance.

FAQ

Who should I contact first for a suspected breach of city data?

Contact the Information Technology Agency via its incident reporting channel and notify your department head; consult the City Attorney for legal evaluation.

Are there set fines for failure to report?

Specific fine amounts are not listed on the cited city reporting page; enforcement and penalties depend on the controlling ordinance, contract, or statute cited by the enforcing office.

Do I need to notify affected residents immediately?

Notification obligations depend on the scope of data involved and applicable law; coordinate with the City Attorney and follow California Attorney General guidance for timelines and content of notices.

How-To

1. Identify and contain the incident, preserving system images and logs.
2. Submit an incident report to ITA using the official reporting channel Report Security Incident^[1].
3. Notify the City Attorney for legal review and to coordinate any required public or individual notifications.
4. Work with ITA and any contracted forensic investigators to remediate and produce a final incident report.
5. Follow appeal or review procedures if enforcement actions are taken; seek timelines from the enforcing office.

Key Takeaways

• Notify ITA promptly and preserve evidence to enable investigation.
• Penalties and procedures depend on the enforcing instrument; specific fines may not be published on the intake page.
• Coordinate with the City Attorney for legal notices and regulatory obligations.

Help and Support / Resources

• Information Technology Agency (ITA) - City of Los Angeles
• City Attorney - City of Los Angeles
• City Clerk - City of Los Angeles
• Los Angeles Department of Building and Safety

1. [1] City of Los Angeles Information Technology Agency - Report Security Incident
2. [2] California Attorney General - Data Breaches