If you have IT security questions or concerns, your first point of contact should be the ICT Service Desk. Please submit a ‘Report an issue’ form and include as much detail as possible.
Report a vulnerability
Imperial’s IT security team welcome responsible disclosure of any vulnerability in our services. We are committed to verifying and responding to any legitimate reported vulnerability.
Disclosure guidelines
- Please provide details of the vulnerability or security issue along with any information needed to reproduce.
- Avoid violating the law, privacy, or any destruction, alteration or denial of our services.
- Do not modify or access any data that doesn’t belong to you.
- Allow us reasonable time to respond and fix the issue. We aim to reply to your initial contact within 2 business days.
Community members
Please send an email to vulnerability@imperial.ac.uk with your name and contact information. We can provide encrypted channels over S/MIME or other mechanisms if required.
Please note this reporting policy is not permission to “hack” or “pen test” Imperial systems but provides a process to report issues legitimately discovered in the course of using our systems and services.