The security of our systems and applications is important to us. Should you identify a potential vulnerability in any product, system, or asset belonging to IHG, we encourage you to contact us.
How you can help
- Email your findings to: email@example.com as soon as possible
- Provide sufficient information to enable us to investigate the potential vulnerability, including IP addresses, URLs, description of the vulnerability, and how the vulnerability was identified
- Contact us immediately if you identify personal or corporate data
- Avoid making copies of personal or corporate data and delete all confidential information if a vulnerability is confirmed
- Do not share information about the potential vulnerability with others
- Do not engage in social engineering, penetration testing, denial of service, or physical security testing
- Do not participate in any activity that violates laws or regulations
- IHG does not have a bug bounty programme, but we appreciate you sharing potential vulnerabilities with us
What you can expect from us
We take every submission of potential weaknesses of vulnerability seriously and appreciate your efforts to responsibly identify and share this information with us. IHG will use best efforts to respond to your submission promptly and will work to triage and resolve confirmed weaknesses and vulnerability based on complexity and severity. We will provide updates on our response activities to those who disclose this information to us.