responsible disclosure

Responsible Disclosure Statement

At LivingSocial, we work hard to ensure that our applications are safe for our customers. We care about protecting the security and privacy of our customer, partner, and employee data; and encourage the responsible disclosure of security vulnerabilities by the security research community.

If you think you have found a security vulnerability in a LivingSocial application, please submit a bug report to securitybugreport@livingsocial.com. We will review your report, and communicate with you on the specifics.

Guidelines to Follow for Responsible Disclosure

  • We ask that you do not corrupt, access, or misuse any data that is not your own.
  • Avoid disrupting our services.
  • We will try to address valid issues in a reasonable timeframe. Please do not disclose a vulnerability before we fix it.
  • Use only the established channel for communicating with us about security vulnerabilities - securitybugreport@livingsocial.com. We can provide you with a PGP key to encrypt the communication if that is your preference.