Skip navigation MENU

Responsible Disclosure

Safety of our systems is important to Iddink Digital and holding company Sanoma and we continuously work on the security of our services. If you notice a weak spot, we would appreciate if you report it via an email to: cert@sanoma.com.

By reporting a vulnerability before you make it known to the outside world, you enable Sanoma to take appropriate measures first. If you report a vulnerability or security issue, please consider the following:

  • Provide sufficient information to reproduce the problem. This way Sanoma can solve the problem as quickly as possible. Usually the URL of the affected service and a description of the vulnerability is sufficient.
  • Leave your contact details (name, email address and/or telephone number) so that Sanoma can contact you.
  • Report your finding as soon as possible after discovering the vulnerability or security issue.
  • Please report your finding in English. Alternatively Finnish or Dutch can be used.
  • Please do not report missing or permissively configured email authentication records (SPF, DKIM, DMARC).


After we have received your report:

  • Your report is treated confidential.
  • We will acknowledge that we have received your message within 3 days.
  • Within 10 working days we will provide more detailed feedback on your finding.

We kindly ask you to respect our rules

  • Please do not share the information about the vulnerability or security issue with others until it is resolved.
  • Do not abuse the vulnerability that you have identified. Limit your actions to the minimum needed to identify the vulnerability.
  • Your investigation should not have any impact on the availability of our services.
  • Do not perform actions that go beyond what is necessary to demonstrate the security issue.
  • Do not utilize brute force techniques or social engineering in order to gain access to our services.
  • Do not implant a backdoor in our services to demonstrate your finding.

Please note that this channel is not meant for customer support or questions about our services.