Responsible Disclosure Policy

Disclosure Policy

We recognize how important it is to help protect privacy and security. We understand that secure data and services are critical in establishing and maintaining trust with our users. We strive to consistently deliver secure and enjoyable experiences in our website and services. Working together we can all make website secure, protect our data and the Internet safer.


The following sites are in scope:


Reporting Security Issues

Security of our networks and services is important for us and for you. We take it seriously.

If you have discovered a vulnerability in our website, services or have a security incident to report, send us via our HackerOne Public Bug Bounty Program. Upon receipt of your message we will acknowledge your report.

We believe in responsible security disclosure practices. In accordance with this we appreciate reporters privately notifying us.

We will respond as soon as we can to fix verifiable security issues. When notified of legitimate issues, we will acknowledge your report, begin investigating the issue and will work to correct any vulnerabilities quickly.

Hall of Fame

We would like to thank security researchers for their contribution in ensuring the security of our website & services and our applications through our Hackerone program. To receive credit, you must be the first reporter of a vulnerability and provide us a reasonable amount of time to remediate before publicly disclosing.