Light & Wonder, Inc. (L&W) places the highest priority on maintaining and improving the security of our systems and infrastructure. However, despite our best efforts, vulnerabilities can still exist. This Statement sets out how you can help us to protect all our clients and systems, by safely and securely reporting any vulnerabilities identified within our software, hardware, or source code.
How to report a vulnerability
If you identify a vulnerability, we would be grateful if you could report it as soon as possible to email@example.com.
When reporting, please:
Include as much information as you can, including the nature of the vulnerability, how you identified it and its impact.
If you can, include the IP address, URL and/or source path of the location of the vulnerability.
Delete all data obtained while identifying the vulnerability immediately and securely upon making your report.
L&W will respond to you as soon as possible with an assessment of the issue and an anticipated date of resolving it (if applicable). We will try to keep you updated on our progress in working toward resolving the vulnerability.
Your report will be treated in the strictest confidence and no personal details will be shared with any third party without your consent, except as otherwise required by law.
Please note: L&W does not offer any form of financial compensation for reporting vulnerabilities.