Contact ICT Security
Report a vulnerability
Imperial’s IT security team welcome responsible disclosure of any vulnerability in our services. We are committed to verifying and responding to any legitimate reported vulnerability.
- Please provide details of the vulnerability or security issue along with any information needed to reproduce.
- Avoid violating the law, privacy, or any destruction, alteration or denial of our services.
- Do not modify or access any data that doesn’t belong to you.
- Allow us reasonable time to respond and fix the issue. We aim to reply to your initial contact within 2 business days.
Please send an email to firstname.lastname@example.org with your name and contact information. We can provide encrypted channels over S/MIME or other mechanisms if required.
Please note this reporting policy is not permission to “hack” or “pen test” Imperial systems but provides a process to report issues legitimately discovered in the course of using our systems and services.