Your security is our #1 priority
To report a security concern, please contact us:
Security commitments to patrons and governing authorities are documented and communicated in Service Level Agreements (SLAs) and other customer agreements, as well as in the description of the service offering provided online.
Security commitments are standardized and include, but are not limited to, the following:
Mojo establishes operational requirements that support the achievement of security commitments, relevant laws and regulations, and other system requirements. Such requirements are communicated in Mojo’s system policies and procedures, system architectural design documentation, and contracts with customers.
Information security policies define an organization-wide approach to how systems and data are protected. These include policies around how the service is designed and developed, how the system is operated, how the internal business systems and networks are managed and how employees are hired and trained. In addition to these policies, standard operating procedures have been documented on how to carry out specific manual and automated processes required in the operation and development of the Mojo platform.
These Program Rules provide our guidelines for reporting vulnerabilities to Mojo Interactive Inc..
If you believe you have identified a security vulnerability that could impact Mojo Interactive Inc. or its users, we ask you to notify us right away. We will investigate all legitimate reports and do our best to quickly fix the problem. We request you follow our Vulnerability Disclosure Program Rules and HackerOne's Vulnerability Disclosure Guidelines (https://www.hackerone.com/disclosure-guidelines) and make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service during your research.
Note: This program is meant for vulnerabilities and security-related bugs. If you have a general bug report or site feedback, please submit it on our Feedback page.
Scope
Websites and services operated by Mojo Interactive Inc., which include:
Please do not submit:
Scope is limited strictly to software and hardware vulnerabilities—not people. As such, Mojo Interactive Inc. users, customers, and employees are entirely out of scope of this program.
Third-party software and services that we use, such as CloudFlare, should be reported to the appropriate parties and are not eligible for a reward from us. We'd appreciate a head's up and will credit you on our Thanks page though!
Eligibility & Disclosure
In order for your submission to be eligible:
Rewards
For each eligible vulnerability report, the reporter will receive:
Exclusions
The following conditions are out of scope for our vulnerability disclosure program:
Submissions & Questions?
Send us an e-mail at security@mojo.com