cyber Breach

HackerOne

Jul 6, 2022 1 min read
HackerOne

A former employee of HackerOne accessed internal data documents of the company for personal financial gain.

He obtained information from security reports submitted to the bug bounty platform and attempted to disclose the same vulnerabilities outside of the platform.

In under 24 hours, the company worked quickly to contain the incident by identifying the then-employee and cutting off his access to data after a suspicious customer received duplicated bug reports and raised complaints.

Source: https://portswigger.net/daily-swig/hackerone-employee-stole-data-from-bug-bounty-reports-for-financial-gain

"id": "HAC1486722",
"linkid": "hackerone",
"type": "Breach",
"date": "07/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.