Have you been breached?

HackerOne can help.

Every five minutes, a hacker reports a vulnerability. If you've been breached or a hacker contacts your organization, HackerOne can help you plot your next steps—from communication to remediation. 

I received a vulnerability report and my organization needs assistance with next steps.*

*If you're being extorted, blackmailed, or threatened by a bad actor, contact law enforcement.

My organization wants to learn more about HackerOne vulnerability programs.


What should I do if I'm experiencing a DDOS attack?

During a Distributed Denial of Service (DDOS) attack, bad actors flood your network with malicious traffic. If you’re experiencing a DDOS attack, notify your security provider, who might be your internet service provider (ISP), web hosting provider, or security service.

What should I do if I'm experiencing a malware attack?

Disconnect from the internet immediately and contact your IT department or Internet Service Provider (ISP)

What should I do if I've discovered a phishing attempt?

If you are a hacker looking to submit a vulnerability you have discovered:

  1. First, search the HackerOne Directory for the appropriate program to report your finding.
  2. If a program does not exist, submit the vulnerability through our Disclosure Assistance process.