Report a security vulnerability
At ReachTEL, we recognise the importance of keeping our systems and data as secure as possible. We take security issues seriously and will respond swiftly to fix them. If you are a security researcher and believe you have found a vulnerability, we would like to work with you to investigate it.
How to report an issue
If you believe you have found a security issue, please report it to us by emailing security@reachtel.com.au. You are welcome to PGP encrypt your email using our public key.
In your email, please include as much information as possible in order for us to identify and reproduce the issue. We request that you don't disclose the vulnerability until we have had a chance to remediate the issue.
Permitted research
Whitehat security researchers are always welcome. However, we do not tolerate any of the following which will always be reported to the relevant authorities:
- Any attempt to modify or destroy data
- Any attempt to interrupt or degrade the services we offer to our users
- Any attempt to execute a Denial of Service attack
- Any attempt to access a user's account or data
- Any research that involves violation of any applicable law
How we will handle your report
- We will act with urgency and necessary resources to resolve the issue
- We strive to respond to your report within two business days with our evaluation of the report and an expected resolution date
- We will handle your report with strict confidentiality and not pass on your personal details to third parties without your permission
- We will keep you informed of the progress on resolving the problem
