A HackerOne employee was dismissed from his position after the bug bounty company confirmed that he accessed the platform's security bug reports.
Based on the ongoing investigation, the former staff leaked the documents outside the platform.
Since action is a terminable offense for the company, Chris Evans, HackerOne's chief information security officer (CISO) and co-founder, confirmed that they fired the accused employee 24 hours after discovering his offense.
For those unfamiliar with HackerOne, it is a bug bounty platform used by various government departments, as well as giant businesses and companies, to manage their bug bounties.
HackerOne Employee Fired After Leaking Security Bug Reports!
According to ZDNet's latest report, the fired HackerOne employee accessed the platform's bug reports at some point between Apr. 4 and June 22.
Also Read : Verizon Employees' Personal Data Breached but Company Doesn't Believe the Information is Sensitive
The company identified this activity after a customer asked them to investigate a suspicious vulnerability disclosure.
The consumer, who was not named, said accused the employee of sharing HackerOne's bug bounty records outside the platform's reach.
"The submitter of this off-platform disclosure reportedly used intimidating language in communication with our customer," said CISO Evans via his official blog post.
He added that the details disclosed by the former employee to the complainant were already submitted to the HackerOne platform.
To make this scenario easier to understand, the terminated staff seems to be double-dipping. This means he is trying to benefit from different revenue sources using a single work, which is illegal.
Why Is It Illegal?
Evans explained that the dismissed HackerOne staff accessed and used the platform's security bug reports to claim additional bounties from companies and businesses.
Of course, this is an unethical way to earn revenue if you are working for a bug bounty company. Evans added that the ex-employee already wrongfully received bounties after conducting various disclosures outside HackerOne.
If you want to see further details about HackerOne's latest investigation, you can click this link.
Previously, the Sandworm hackers resurfaced after half a decade.
On the other hand, experts warned about Chinese hackers that are using VLC media players to spread their computer viruses.
For more news updates about security threats and other related topics, keep your tabs open here at TechTimes.
Related Article : Canadian Pleads Guilty to Hacking Charges, Admits Being Affiliated With NetWalker Ransomware Group
This article is owned by TechTimes
Written by: Griffin Davis