Reporting a Security Vulnerability

Improving Online Security

If you discover a security vulnerability on our website, or within any of our games, this page will give you the information you need to report it to us in the best way and ensure that the information reaches the members of our development team that work towards resolving the issues raised in your report.

Reporting a Security Vulnerability

Our players and the security research community can help us quickly repair security problems by directly reporting vulnerabilities. To report a security issue or vulnerability, please email [email protected] with all relevant details. Please note that we aren’t able to reply to all reports that we receive, but we might contact you for additional information where needed.

We’ll triage any reported issues and work towards a resolution as quickly as possible. We kindly ask that you make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing.

 

Scope

We appreciate reports of all security vulnerabilities, including but not limited to: Web security problems (e.g. cross-site scripting and SQL injection problems) as well as infrastructure security problems, and information disclosure issues.

Any IOI services available from the internet and any software developed by IO Interactive A/S is within scope. This includes our web applications, servers, and all of our games.

 

Bug Bounties

Unfortunately, it is not currently possible for us to offer a paid bug bounty programme.

 

Feedback

If you have any feedback or suggestions on this policy, please contact our security team at [email protected]. This policy will evolve over time and your input will be valued.