Report vulnerabilities

The safety of your data is our top priority. That’s why we work hard to protect our systems. But did you nonetheless find a flaw in our security? Help us by reporting the vulnerability. Please do not make a vulnerability public, before working with us on a solution first. We are not trying to cover up our mistakes, but making a vulnerability public might have serious consequences for all our customers.

How can I report a vulnerability?

You can report a vulnerability by sending an email to [email protected]. If possible, encrypt your email with our GPG-key (ask for key) to prevent the information from falling in the wrong hands. Please explain in your e-mail the vulnerability you have found and provide us with enough information to reproduce and investigate the problem.

Can I report a vulnerability anonymously?

Absolutely. You are not required to provide your personal details.

The rules

You might have conducted illegal activities to discover a vulnerability. We will not report these activities or claim damages if you have followed these rules: