GameSparks takes security extremely seriously. We investigate all reported vulnerabilities and this page describes how we address potential vulnerabilities in the GameSparks service.
Reporting Suspected Vulnerabilities
To report a vulnerability or security concern regarding the GameSparks service, please create a support ticket with the “Type” of “Security Report”.
To allow us to respond as quickly and effectively as possible, please ensure you include all required supporting material: proof of concept, outputs, and so on that would be beneficial for reproducing the reported concern and for assessing the severity of the vulnerability.
An automated tracking number will be assigned to all submitted reports. A member of the GameSparks team will then respond to you within 24 hours acknowledging receipt of the report, and outlining the next steps in the process.
Once the report has been submitted, GameSparks will work to reproduce the reported vulnerability. If additional information is needed in order to do this, a member of the GameSparks team will work with you to obtain the required information. When the initial investigation is complete, we will share our results with you along with our plan for resolution and public disclosure, where applicable.
The GameSparks team are committed to being responsive and to keeping you informed of our progress as we investigate and mitigate your reported concern. You will receive progress updates from us at least every five working days.
Depending on their severity and the systems involved, security vulnerabilities can take time to mitigate. To allow us to best protect our customers, GameSparks requests that you do not post or otherwise share any information regarding a potential vulnerability until we have investigated, reproduced, and addressed the reported concern and until we have informed any customers where applicable. We also respectfully ask that you do not post or share any data belonging to our customers obtained through any security breach.