Reporting a cyber security issue

To improve the protection of its information and communication technologies (ICT) systems and assets, UN Women encourages the public to assist with its efforts by disclosing vulnerabilities in UN Women’s publicly accessible information systems and assets as well as reporting cyber security issues.

What to report | Reporting policy | Information Security Hall of Fame

What to report to UN Women

The public is invited to report cyber security issues, incidents, and details of vulnerabilities associated with publicly accessible UN Women ICT systems, including websites.

Reporting policy

UN Women will accept disclosures of vulnerabilities and cyber security issues and incidents under the following conditions:

  • The vulnerability and/or cyber security issue or incident has not already been publicly disclosed.
  • The vulnerability and/or cyber security issue or incident should be reported to UN Women as quickly as possible after its discovery.
  • The findings must remain confidential for at least 90 days following the date the vulnerability or cyber security issue or incident was reported to UN Women or until public disclosure of the vulnerability has been made on this website.
  • The severity of a vulnerability finding is assessed by UN Women at its own discretion.
  • The name and contact information of the reporter may be disclosed to affected technology vendor(s) unless otherwise requested by the reporter.
  • UN Women reserves the right to accept or reject any security vulnerability or cyber security issue or incident disclosure report at its discretion.

If you believe you have found a vulnerability or issue and would like to report it, we ask that you submit a detailed description of the issue to us, including the steps that we can take to reproduce the issue and/or a proof-of-concept. As much information as possible regarding the finding should be communicated to UN Women to enable the organization to reproduce and verify the vulnerability, issue or incident, in order to implement appropriate remediation actions.

Once you submit a report to UN Women, please allow the information security team a reasonable amount of time to respond to your report and correct the issue.

If more information is required regarding a reported finding, UN Women may contact the reporter; therefore, it is important to provide valid contact details, including email address and/or telephone number.

If the conditions listed above are satisfied, UN Women will verify the existence of the vulnerability, notify affected parties, and implement actions to mitigate the vulnerability.

Once the vulnerability has been removed, the reporter will be acknowledged and listed on this page (unless s/he wishes to remain anonymous) along with a short description of the vulnerability or issue reported.

By reporting vulnerability findings to UN Women, the reporter acknowledges that such reporting is provided pro bono and without expectation of financial or other compensation. The reporter also affirms that neither s/he nor any entity that s/he represents is complicit in human rights abuses, tolerates forced or compulsory labour or uses child labour, is involved in the sale or manufacture of anti-personnel mines or their components, or does not meet the purposes and principles of the United Nations.

Submit a report ►

UN Women Information Security Hall of Fame

UN Women is grateful to the following individuals and organizations that have helped UN Women to improve the security of the organization’s information systems, data, and ICT resources by reporting security issues and vulnerabilities discovered.  

Name Number of Reports
2019
Number of Reports
2020
Aditya Soni 2
Agrah Jain 2
Akash.H.C (bughunter) 1
Alfie Njeru (@emenalf) 1
Ambadi MP 3
Anurag Mewar 2
Arcot Manju 1
Athul Jayaram 1
Avishek Nayal 1
Ayan Saha 7
Ayush Pokhrel 1
Balamuralidharan M (Cor3min3r) 3
Chevon Phillip 2
Chitranshu Jain 1
CYBQ 1
Eminence Ways PVT. LTD. 1
Eshan Singh 2 1
Geethu Sivakumar 1
Hsu Myat Noe 1
Ismail Tasdelen 1 1
Janmejaya Swain 3
Jeetu Rajput 1
Juveria Banu 2
Kishore Hariram 2
Lütfü Mert Ceylan 1
Madhumohan Ramkumar 2
Mahadev Gavas 1
Md. Asif Hossain 1
Mehul Bharat Lunagariya 2
Mohammad Abdullah 2
Mohamed Abogwila 1
Mohammed Adam 1
Mohsin Khan 1
Yogeshwaran Chandrasekaran 1
N. Karthik 2
Nishant Lungare 1
Omur Ugur 1
Pankaj Kumar Thakur 1
Paras Arora 1
Pethuraj M 1
Prakash Kumar P. 1
Pranil Kulkarni 2
Prasad Panchbhai 1
Pritam Mukherjee 2
Pritam Singh 1
Rahad Chowdhury 1
Rajesh Ranjan 3
Ratna Khare 2
Riddhi Suryavanshi 1
Rohi Kumar 1
Rohit Soni 2
Sagar Banwa 1
Sanjeet Mishra 1
Sarthak Goyal 2
Saurabh Kumar Pandey 1
Shailesh Kumar 1
Shaurya Sharma 1
Shivam Pravin Khambe 1
Shrimant Subhash More 1
Sibivasan M 1
Simone La Porta 1
Srinivas M 1
Steven George 1
Subhamoy Guha 1
Sunil Singh 2
Tijo Davis 1
Tushar Vaidya 5
Venktesh Chandrikapure 1
Vikas Srivastava 1
Vivek Nathe 1
Vivek Panday 2
Wai Yan Aung 1 1