Reporting a cyber security issue

To improve the protection of its information and communication technologies (ICT) systems and assets, UN Women encourages the public to assist with its efforts by disclosing vulnerabilities in UN Women’s publicly accessible information systems and assets as well as reporting cyber security issues.

What to report | Reporting policy | Information Security Hall of Fame

What to report to UN Women

The public is invited to report cyber security issues, incidents, and details of vulnerabilities associated with publicly accessible UN Women ICT systems, including websites.

Reporting policy

UN Women will accept disclosures of vulnerabilities and cyber security issues and incidents under the following conditions:

  • The vulnerability and/or cyber security issue or incident has not already been publicly disclosed.
  • The vulnerability and/or cyber security issue or incident should be reported to UN Women as quickly as possible after its discovery.
  • The findings must remain confidential for at least 90 days following the date the vulnerability or cyber security issue or incident was reported to UN Women or until public disclosure of the vulnerability has been made on this website.
  • The severity of a vulnerability finding is assessed by UN Women at its own discretion.
  • The name and contact information of the reporter may be disclosed to affected technology vendor(s) unless otherwise requested by the reporter.
  • UN Women reserves the right to accept or reject any security vulnerability or cyber security issue or incident disclosure report at its discretion.

If you believe you have found a vulnerability or issue and would like to report it, we ask that you submit a detailed description of the issue to us, including the steps that we can take to reproduce the issue and/or a proof-of-concept. As much information as possible regarding the finding should be communicated to UN Women to enable the organization to reproduce and verify the vulnerability, issue or incident, in order to implement appropriate remediation actions.

Once you submit a report to UN Women, please allow the information security team a reasonable amount of time to respond to your report and correct the issue.

If more information is required regarding a reported finding, UN Women may contact the reporter; therefore, it is important to provide valid contact details, including email address and/or telephone number.

If the conditions listed above are satisfied, UN Women will verify the existence of the vulnerability, notify affected parties, and implement actions to mitigate the vulnerability.

Once the vulnerability has been removed, the reporter will be acknowledged and listed on this page (unless s/he wishes to remain anonymous) along with a short description of the vulnerability or issue reported.

By reporting vulnerability findings to UN Women, the reporter acknowledges that such reporting is provided pro bono and without expectation of financial or other compensation. The reporter also affirms that neither s/he nor any entity that s/he represents is complicit in human rights abuses, tolerates forced or compulsory labour or uses child labour, is involved in the sale or manufacture of anti-personnel mines or their components, or does not meet the purposes and principles of the United Nations.

Submit a report ►

UN Women Information Security Hall of Fame

UN Women is grateful to the following individuals and organizations that have helped UN Women to improve the security of the organization’s information systems, data, and ICT resources by reporting security issues and vulnerabilities discovered.  

NameNumber of Reports
2019
Number of Reports
2020
Number of Reports
2021
Abdeali  1
Abdurrahman Nazim  1
Abhi Chitkara 1 
Aditya Soni 2 
Agrah Jain2  
Ahmed Adel Abdelfattah 1 
Akash.H.C (bughunter)1  
Alfie Njeru (@emenalf)1  
Ambadi MP3  
Anurag Mewar2  
Arcot Manju1  
Ashik Kunjumon 
Athul Jayaram1  
Avishek Nayal11 
Ayan Saha7  
Ayush Pokhrel1  
Ayushi Poreddiwar 
Balamuralidharan M (Cor3min3r)3  
Bertrand Stivalet 
Chevon Phillip2  
Chitranshu Jain1  
CYBQ1  
Dilipkumar Dubey 
Eminence Ways PVT. LTD.1  
Eshan Singh21 
Gaurav Kumar 1
Gourab Sadhukhan 1 
Geethu Sivakumar 1 
Hsu Myat Noe 1 
Ismail Tasdelen11 
Janmejaya Swain3  
Jeetu Rajput1  
Juveria Banu2  
Kabeer Saxena 
Kishore Hariram2  
Laxman Rokade 1 
Lütfü Mert Ceylan1  
Madhumohan Ramkumar2  
Mahadev Gavas1  
Manish Kumar 1 
Md. Asif Hossain1  
Mehul Bharat Lunagariya2  
Mehmet Can GÜNEŞ 1 
Miguel Santareno 1 
Mohammad Abdullah 2 
Mohamed Abogwila1  
Mohammed Adam1  
Mohd.Danish Abid 
Mohsin Khan 1 
N. Karthik2  
Naman Shah 
Nayanjyoti Roy 1 
Nishant Lungare1  
Noth(沈彧璿) 1 
Omur Ugur1  
Pankaj Kumar Thakur1  
Paras Arora 1
Pardon Mukoyi 1 
Parth Shukla 
Pethuraj M1  
Prajit Sindhkar (SAPT)  1
Prakash Kumar P. 1 
Pranil Kulkarni2  
Prasad Panchbhai1  
Pratik Khalane 1 
Pritam Mukherjee 2 
Pritam Singh1  
Purbasha ghosh 1 
Rahad Chowdhury1  
Rajesh Ranjan3  
Ratna Khare2  
Riddhi Suryavanshi1  
Rohi Kumar 1 
Rohit Soni2  
Sagar Banwa 1 
Sanjeet Mishra 1 
Sarthak Goyal2  
Saurabh Kumar Pandey1  
SecurityMate 1 
Shailesh Kumar1  
Shaurya Sharma1  
Shivam Pravin Khambe1  
Shrimant Subhash More1  
Sibivasan M1  
Simone La Porta 1 
Sourajeet Majumder 1 
Srinivas M 1 
Steeven George1  
Steven Hampton1
Subhamoy Guha1  
Subramanian Ramakrishnan 1 
Sunil Singh2  
SWETHA SRIDEVI N 1 
Tijo Davis 1 
Tushar Vaidya5  
Venkatesh Boga 1 
Venktesh Chandrikapure1  
Vikas Srivastava1  
Vishal Pathak 
Vivek Nathe1  
Vivek Panday2  
Wai Yan Aung11 
Yogeshwaran Chandrasekaran 1 
news
Latest news