Skip to main content

A hacker contacted you. Now what?

HackerOne can help.

Every five minutes, a hacker reports a vulnerability. If a hacker contacts your organization, HackerOne can help you plot your next steps—from communication to remediation. And if you're a hacker seeking to report a vulnerability you've discovered, HackerOne can help you notify the appropriate parties.

I received a vulnerability report and my organization needs assistance with next steps.*

*If you're being extorted, blackmailed, or threatened by a bad actor, contact law enforcement .

My organization wants to learn more about HackerOne vulnerability programs.

If you are a hacker looking to submit a vulnerability you have discovered:

  1. First, search the HackerOne Directory for the appropriate program to report your finding.
  2. If a program does not exist, submit the vulnerability through our Disclosure Assistance process .

What should I do if I'm experiencing a DDOS attack?
What should I do if I'm experiencing a malware attack?
What should I do if I've discovered a phishing attempt?