Superblock Security Response

If you have discovered a security-related problem in one of Superblock's products, services, or networks, we greatly appreciate you reporting them to us. Superblock supports coordinated vulnerability disclosure and we appreciate any heads-up you can give us to protect our customers and systems before publicly disclosing your findings.

Note: We do not generally pay out rewards for security disclosures. Please do not run automated security scanners against our servers. We will not respond to automated security scanning reports.

For urgent or sensitive reports, please e-mail us directly at security@superblock.net, using our PGP Public Key if needed.

For non-security related issues, please contact us through our support channels.

Once we receive your report, we will respond as soon as possible (usually within 1 business day) to confirm receipt of your report. We will investigate the issue and follow up with you once we have finished our investigation.

Responsible Security Researchers

Superblock would like to thank the following security researchers for responsibly disclosing security issues to us:

  • Rodolfo Godalle, Jr. (Superblock billing site, medium risk) (2014-03-16)
  • Shubham Sahu (Superblock billing site, low risk) (2014-03-20)
  • S.Venkatesh (Superblock e-mail site, low risk) (2014-03-25)
  • Osama Mahmood (Superblock site, medium risk) (2014-03-26)