Report a Security Vulnerability

If you have discovered or suspect a security vulnerability on any systems owned or operated by UC Berkeley, please report them immediately to the Information Security Office by emailing security@berkeley.edu

When reporting a vulnerability, please provide as much information as possible.

Never include sensitive information over email, instead, call us at: (510) 664-9000 (options 1, 1, 3).

Include in your report:

  • Your name and contact information
  • Which systems are affected (IP addresses, hostnames, URLs, etc.)
  • Description of the security vulnerability and steps to reproduce the issue
  • Date and time the vulnerability was discovered
  • Any other known resources affected

Quick Links

Report a Security Incident 
How to report Security Incidents such as an intrusion, breach, and computer/network misuse

Respond to a Security Notice ⇢
How to respond if  you have received a security notice from the Information Security Office

Report a Stolen or Lost Device ⇢
Steps to take if your laptop, tablet, or phone has been stolen or lost

Request a Policy Exception ⇢
Instructions to request an exception to the campus minimum security standards

Submit an Off-Site Hosting Request ⇢
Request to host data services off-campus with a third-party service provider