| ||Ask HN: Help disclosing serious bank website exploit|
3 points by bank0day 49 days ago | hide | past | favorite | 2 comments |
|I uncovered a massive bug that allows anyone to access a customer's PII at a US bank.|
I checked HackerOne and they don't have a bug bounty program. What's the appropriate way to report this?
I wasn't doing any pen testing, I accidentally uncovered this exploit while using the website as a customer. This is a massive bank that doesn't have a history of acting ethically.
| Apply to YC