Responsible Disclosure Policy
Lumos Labs is deeply committed to the security of our services and our users’ information. If you are a security researcher and have discovered a security vulnerability in one of our services, we appreciate your help in disclosing it to us in a responsible manner.
Lumos Labs will engage with security researchers who report vulnerabilities to us in accordance with this Responsible Disclosure Policy.
Lumos Labs prohibits individuals from accessing, downloading or modifying data residing in any account that does not belong to that individual. The following actions are also prohibited:
Please share the details of any suspected or detected vulnerabilities with the Lumos Labs Security Team by emailing firstname.lastname@example.org. For the security of our users and service, we ask that you do not publicly disclose these details without express written consent from Lumos Labs. In reporting any suspected vulnerability, please include the following information:
If we verify a security vulnerability that you report to us in compliance with this Policy, we commit to:
Any activities conducted in a manner consistent with our policies will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
Thank you for helping keep Lumosity and our users safe!