Rogue HackerOne employee steals bug reports to sell on the side

Gandalf_The_Grey

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,578
Content source
https://www.bleepingcomputer.com/news/security/rogue-hackerone-employee-steals-bug-reports-to-sell-on-the-side/
A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards.

The rogue worker had contacted about half a dozen HackerOne customers and collected bounties “in a handful of disclosures,” the company said on Friday.

HackerOne is a platform for coordinating vulnerability disclosures and intermediating monetary rewards for the bug hunter submitting the security reports.
Click to expand...
HackerOne notes that its former employee had used “threatening” and “intimidating” language in their interaction with customers and urged customers to contact the company if they received disclosures made in an aggressive tone.

The company says that “in the vast majority of cases” it has no evidence of vulnerability data having been misused. However, customers that had reports accessed by the inside threat actor, either for nefarious or legitimate purposes, have been informed individually of dates and times of access for each vulnerability disclosure.
Click to expand...
www.bleepingcomputer.com

Rogue HackerOne employee steals bug reports to sell on the side

A HackerOne employee stole vulnerability reports submitted through the bug bounty platform and disclosed them to affected customers to claim financial rewards.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • Wow
Reactions: upnorth, Matt_, harlan4096 and 1 other person
You must log in or register to reply here.

Similar threads

CyberTech
    • Like
    • Applause
HackerOne paid ethical hackers over $300 million in bug bounties
Replies
0
Views
585
News Archive
CyberTech
CyberTech
upnorth
    • Like
    • Applause
    • Wow
Dangerous RCE Bug Lays Open ConnectWise Server Backup Managers
Replies
2
Views
671
News Archive
Gandalf_The_Grey
Gandalf_The_Grey
Tutman
    • Wow
    • Like
ExpressVPN offering $100,000 to first person who hacks its servers
Replies
0
Views
671
News Archive
Tutman
Tutman

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top