Security at IOOF

Responsible disclosure

We take the security of our customers’ data very seriously and we value the security community. The responsible disclosure of security vulnerabilities helps us ensure the security and privacy of the IOOF Group and our customers.

The IOOF Group does not condone any malicious or illegal behaviour in the identification and reporting of security vulnerabilities.

The IOOF Group’s Responsible Disclosure Program is managed by Bugcrowd.

To see the terms of the Program, and to disclose, please refer to https://bugcrowd.com/ioof

Please note all disclosures must be made via Bugcrowd, not directly to the IOOF Group.