We take all reports of discovered vulnerabilities in our operational infrastructure seriously.
We investigate all reported vulnerabilities in our operational infrastructure and cyber systems. When a vulnerability is confirmed, we work to remove it or minimize the potential impact as quickly as possible.
We realize the value of responsible vulnerability reporting. People discovering vulnerabilities in Sempra Energy-owned cyber systems or operational infrastructure are encouraged to contact us as soon as possible. Reports may be made anonymously.
Outside third parties, including agencies, organizations or individuals, including security researchers must recognize that unauthorized attempts to modify, compromise or disrupt our operational infrastructure or cyber systems may negatively impact our ability to deliver energy to customers that depend on energy for their safety or security. Unauthorized attempts to modify, compromise, or otherwise disrupt the company’s operational infrastructure or cyber systems shall be handled in accordance with applicable law and regulation.