HackerOne apologizes to Ukrainian hackers for accidentally blocking payouts

Ukraine hacker

Today Chris Evans, the CISO of the bug bounty platform HackerOne, apologized to Ukrainian hackers after he falsely blocked their bug bounty payouts following sanctions imposed on Russia and Belarus after the invasion of Ukraine.

The bounty hunters were notified in emails informing them that all transactions to HackerOne accounts from Ukraine, Russia or Belarus have been suspended.

“Due to current economic sanctions and export controls, all communications and transactions (including swag transmission) are temporarily suspended if you are located in Ukraine, Russia or Belarus,” an e-mail received by Ukrainian hackers from HackerOne.

The decision to freeze accounts for Ukrainians on the bug bounty platforms was also shared by HackerOne CEO Mårten Mickos via a tweet now deleted said the company would redirect all rewards to UNICEF for all hackers from sanctioned areas.

Mickos later said: he spoke wrongadding that the bug bounty platform instead “redirects hacker rewards to donations only on the hacker’s specific instruction.”

However, after the unanimous outcry against the decision to freeze Ukrainian accounts, HackerOne backed down (or fixed their mistake) and reinstated the hackers’ accounts, leaving them withdraw their earnings

@Hacker0x01 just to be sure, we’re on the same page

UKRANE IS NOT Sanctioned

Please stop complicating life for Ukrainians

— Metnёw (@vladimir_metnew) March 14, 2022

Today, HackerOne’s CISO Chris Evans apologized for HackerOne’s misguided decision, blaming poor communication and blocked payouts for backend issues.

“On behalf of the HackerOne team, I would like to apologize to the Ukrainian hacker community for the frustration and confusion that our poor communication has caused. We have (and will not) block legal payments to Ukraine,” Evans said

“There have been some fluctuations in backend payment systems. Our teams are working hard to minimize delays on all hacker payments. If you are in Ukraine and have payment problems I will personally support you. DMs open.”

Evans also added that HackerOne will publish a frequently asked questions (FAQ) page within 24 hours to share more information about what happened.

“Thank you to the hacker community for bringing these issues to light. We will correct our incorrect documentation and I will be contacting hackers personally. We always strive to be as transparent as possible and will release an FAQ within 24 hours. “

This post HackerOne apologizes to Ukrainian hackers for accidentally blocking payouts

was original published at “https://www.bleepingcomputer.com/news/security/hackerone-apologizes-to-ukrainian-hackers-for-mistakenly-blocking-payouts/”