dunnhumby Information Security - How to report vulnerabilities

dunnhumby Information Security

How to report vulnerabilities

 

All technology contains bugs and the security of our products and services is of paramount importance to dunnhumby’s teams – so we appreciate and respect the work of security experts and researchers in this area.

 

Vulnerability disclosure should be safe, transparent and acknowledged in our website.

Vulnerability Reporting

If you believe that you have found a vulnerability in dunnhumby website or system, please contact us. You can report it to us using security.txt.

Please, always ensure that your message is encrypted.

PGP key

Notes on how to report vulnerabilities:

To submit your report, please:

  • write your report in English, if possible.
  • provide your name and contact information.

The report should include a detailed description of your discovery with clear, concise reproducible steps or a working proof-of-concept. If you don’t explain the vulnerability in detail, there may be significant delays in the feedback process, which is undesirable for everyone. Once you have submitted the report, it will be assessed by security team.

Please give us time to develop and roll out countermeasures, before you make technical details public (Responsible Disclosure).