Report a Cybersecurity Breach to City IT - Columbus

Technology and Data Ohio 3 Minutes Read · published February 06, 2026 Flag of Ohio

In Columbus, Ohio, city employees, contractors, and residents who detect a suspected municipal cybersecurity breach should report it promptly to the City IT team and relevant enforcement offices. This guide explains what to include in a report, the likely enforcement path, common penalties or remedies where published, and practical steps to preserve evidence and notify affected parties.

Penalties & Enforcement

Columbus municipal code and official department policies govern city systems, incident handling, and confidentiality obligations. Specific monetary fines tied solely to cybersecurity breaches are not enumerated in the cited municipal code pages; penalties for related misconduct may appear under broader computer misuse, records, or contract provisions.Columbus Code of Ordinances[1]

  • Monetary fines: not specified on the cited page; municipal or contractual remedies may apply.
  • Escalation: first incident response and remediation, repeat or willful misconduct may lead to administrative action or referral to law enforcement; ranges not specified on the cited page.
  • Non-monetary sanctions: orders to remediate, termination of access, contract termination, injunctive relief, or criminal referral where state or federal law applies.
  • Enforcer: City IT / Department of Technology for technical response; Human Resources, Procurement, or the City Attorney for employment or contractual issues; Columbus Division of Police for criminal matters.
  • Appeals: administrative reviews or civil appeals are governed by the specific enforcement instrument; time limits for appeals are not specified on the cited page.
If you suspect active compromise, do not power down affected systems; preserve logs and contact City IT immediately.

Applications & Forms

No dedicated public incident-reporting form for municipal cybersecurity breaches is published on the cited code page; City IT typically accepts incident reports by secure email, an internal ticketing system, or phone per department guidance.

How to Report

Follow clear steps so City IT and enforcement offices can respond quickly and preserve legal options.

  1. Collect basic details: date/time detected, affected systems, user accounts involved, and a short description of suspicious activity.
  2. Preserve evidence: do not overwrite logs, take screenshots, and isolate affected machines from networks where possible without powering down critical devices.
  3. Contact City IT immediately using official channels; if you cannot reach City IT, notify your supervisor and the City Attorney’s office.
  4. Provide a written incident report with attachments (logs, screenshots) and identify any data types potentially exposed (e.g., personal data, financial records).
  5. If criminal activity is suspected, City IT may notify Columbus Division of Police and coordinate with the City Attorney and external investigators.
Document steps you took after discovery to show reasonable mitigation efforts.

FAQ

Who must report a suspected breach?
Any city employee, contractor, or authorized user who discovers or suspects unauthorized access to city systems should report to City IT immediately.
What information should I include in the report?
Date/time discovered, systems affected, user names, screenshots, and any steps taken to contain the issue.
Will reporting trigger disciplinary action?
Reporting in good faith is required; disciplinary action applies for willful misconduct or negligence per city policies.

How-To

  1. Immediately isolate affected devices where possible and document the state of systems.
  2. Call or email City IT’s incident response contact and open a ticket with detailed information.
  3. Attach evidence: logs, screenshots, and a timeline of events to the ticket or secure upload portal.
  4. Follow City IT instructions for remediation and cooperate with any internal or external investigators.

Key Takeaways

  • Report suspected breaches immediately to protect systems and evidence.
  • Preserve logs and document actions to support investigations and appeals.
  • City IT coordinates technical response; legal or criminal referrals involve the City Attorney and Columbus Police.

Help and Support / Resources

  1. [1] City of Columbus Code of Ordinances - Municode

Categories

General Governance and Administration Public Safety Public Health and Welfare Land Use and Zoning Housing and Building Standards Transportation Environmental Protection Parks and Public Spaces Business and Consumer Protection Taxation and Finance Labor and Employment Education Civil Rights and Equity Elections and Campaign Finance Events and Special Uses Signs and Advertising Utilities and Infrastructure Technology and Data