Nearly 300 HackerOne employees had sensitive personal data exposed after a Broken Object Level Authorization (BOLA) vulnerability was exploited in Navia Benefit Solutions, a third-party employee benefits administrator. The breach occurred between December 22, 2025 and January 15, 2026, but HackerOne didn't receive formal

3m read timeFrom go.theregister.com
Post cover image

Sort: