This page is for security researchers interested in reporting security vulnerabilities.
We encourage vulnerability reporting
We are committed to the protection of our customers’ information. Because threats to our corporate environment and customer assets are ever present, we also value the important role the security community plays in helping us mitigate information security risk.
If you have information about possible security vulnerabilities in any Bendigo Bank product or service, please submit a report using these guidelines.
How to report information relating to potential security threats or issues
If you think you’ve found a security vulnerability, report it via Bugcrowd, who manage our Vulnerability Disclosure Program. All disclosures must be made through Bugcrowd, not directly to Bendigo Bank.
For more information, including the terms of the disclosure program, visit Bugcrowd.
Think you've received a phishing or hoax email or SMS?
Please refer to latest scam alerts for reporting suspicious SMS or any phishing related scams.
Useful information
Recognition
Bendigo Bank does not compensate individuals or organisations for identifying potential or confirmed security vulnerabilities. We thank the researchers who have helped keep our customers and communities safe by reporting security vulnerabilities.
Privacy
For more information about how we manage your personal information, please refer to our Privacy Policy.
