We take security very seriously, and we do investigate all reported vulnerabilities. Please report a vulnerability or security concern regarding PastBook.com or any related services by email to security@pastbook.com.
The information you share with PastBook is kept confidential within PastBook. Only if the vulnerability you report is found to affect a third-party product, PastBook will share this information with the third-party product’s author or manufacturer. Otherwise, PastBook will only share this information as permitted by you.
In order to protect our customers, we request that you not post or share any information about a potential vulnerability in any public setting until we have researched, responded to, and addressed the reported vulnerability, and informed customers if needed. Also, we respectfully ask that you do not post or share any data belonging to our customers. Addressing a valid reported vulnerability will take time, and the timeline will depend upon the severity of the vulnerability and the affected systems.
PastBook will review the submitted report, and assign it a tracking number. We will then respond to you, acknowledging receipt of the report, and outline the next steps in the process.
We are committed to being responsive and keeping you informed of our progress as we investigate and / or mitigate your reported security concern. You will receive a non-automated response to your initial contact within 1 working day, confirming receipt of your reported vulnerability.