Wednesday, August 17, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Cybersecurity > HackerOne employee caught publishing stolen vulnerability reports anonymously

HackerOne employee caught publishing stolen vulnerability reports anonymously

HackerOne announced that one employee was caught stealing and publishing vulnerability reports on bug bounty platforms.


Erdem Yasar Erdem Yasar
July 4, 2022
1 min read
HackerOne employee caught publishing stolen vulnerability reports anonymously

Bug bounty platform HackerOne announced that they have discovered a former employee accessed vulnerability reports submitted by users and published them for personal gain, including bug bounties. The company was alerted by a customer, who asked them to investigate a suspicious vulnerability disclosure made outside of the HackerOne platform. The submitter pinpointed that the disclosure was similar to an existing disclosure previously submitted through HackerOne.

Investigation

The HackerOne security team started investigating the issue after the claims. The investigation revealed that a then-employee had improperly accessed security reports for personal gain. The former employee disclosed stolen vulnerability information on other platforms to claim bounties. The individual has been identified and cut off from access to data. The employee was terminated and HackerOne bolstered its defenses to avoid similar unwanted issues.

HackerOne stated that customers who have been directly impacted by the incident have received direct communication from the company with actionable details. The email includes information about which reports have been accessed by the threat actor. The company said,

« In summary, this was a serious incident. We are confident the insider access is now contained. Insider threats are one of the most insidious in cybersecurity, and we stand ready to do everything in our power to reduce the likelihood of such incidents in the future. A special thank you to the customer who originally alerted us to the possibility of something being wrong and to all the customers who subsequently assisted with this incident. »

See more Cybersecurity News


Tags: HackerOneVulnerability

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
Google patches a zero-day Chrome vulnerability

Google patches a zero-day Chrome vulnerability

Related News

1,900 Signal users' phone numbers may be exposed

1,900 Signal users’ phone numbers may be exposed

August 16, 2022 10:05 pm
10 malicious packages found on PyPI

10 malicious packages found on PyPI

August 16, 2022 9:30 pm
Cybercriminals target UK water company

Cybercriminals target UK water company

August 16, 2022 8:40 pm
Russian hackers are still focusing on Ukraine

Russian hackers are still focusing on Ukraine

August 16, 2022 7:35 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the Cloud7 Newsletter

Sign up for the Cloud7 Newsletter to receive the latest IT business updates straight to your inbox daily.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

10 Best Web Hosting Services of 2022

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Kali Linux 2022.2 is ready for download

Recent News

  • Proton 7.0-4 comes with support for more games
  • Cloud7 Podcast – Episode 10: Software-Defined Storage
  • HostBill introduces new features for domain management
  • 1,900 Signal users’ phone numbers may be exposed
  • 10 malicious packages found on PyPI


Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.