Note: As of Jan 2014, this page is no longer updated. Please see our new page on Hackerone instead.

Special thanks

Dropbox is honored to spotlight the following people for their contributions in making Dropbox safer. Members of this list reported significant bugs or security concerns, and their actions benefit the millions of people who rely on Dropbox every day.

• Masato Kinugawa
• Tyrone Erasmus
• Maxim Rupp
• Keita Haga
• Evan Cardilino
• Neal Poole
• Szymon Gruszecki
• Rakan Alotaibi
• Nir Goldshlager
• Ben Hayak
• Shai Rod
• Mateusz Goik
• Danor Cohen
• Sandeep Kamble (Parason INC)
• Ari Rubinstein
• Lukas Reschke
• Martin Hall
• Juliano Rizzo and Thai Duong
• Emanuel Bronshtein
• Avram Marius Gabriel
• Ajay Singh Negi
• Shashank Kumar
• M.R.Vignesh Kumar
• Piyush Malik
• Philippe Arteau
• Jaume Llopis Pujal
• Frans Rosén
• Rafay Baloch
• George Deglin
• Evgeny Ermakov
• Anand Prakash (Vellore Institute of Technology, India)
• Dhirendra Singh Kholia
• XiaoFeng Wang
• Luyi Xing
• Rui Wang
• Shuo Chen
• Yuji Kosuga
• Adam Barth
• Malte Batram
• Milad Bahari Rad
• Prakhar Prasad
• Zouheir Abdallah - QCERT
• Christophe Van Gysel
• Juan Broullón
• Krutarth Shukla
• Kamil Sevi
• Manish Bhattacharya
• Roy Castillo
• Juan David Castro Cantillo (WebSecurityDev)
• Manish Bhattacharya
• Sahil Saif
• Prashant Negi
• Vedachala
• Ajay Singh Negi
• Christy Philip Mathew
• Anand Sundar Tiwari
• Y.Srikanth (Entersoft Infromation Systems Pvt ltd)
• Maciej Gojny
• Rafael Pablos
• João Lucas Melo Brasio
• Andris Atteka
• Mathias Bynens
• Tom Van Goethem
• Antoine Delignat-Lavaud
• Vinod Tiwari
• Egor Homakov
• Daniel Alvear
• Brandt Buckley
• Userbased
• Ankit Bharathan
• Yogesh Modi
• Rob Fletcher
• Gökmen Güreşçi
• Mubix
• Dhaval Chauhan
• Muhammad Talha Khan
• José Pino
• Atulkumar Hariba Shedage
• Masashi Sakai
• beist (grayhash)
• Paresh Parmar
• Omair
• Rodolfo Godalle, Jr.

On behalf of the Dropbox team and users worldwide, thank you.

Responsible disclosure policy

To promote the discovery and reporting of vulnerabilities and increase user safety, we ask that you:

• Share the security issue with us in detail on the third party service HackerOne
• Give us a reasonable time to respond to the issue before making any information about it public.
• Not access or modify user data without permission of the account owner.
• Act in good faith not to degrade the performance of our services (including denial of service).

We will not sue you or ask law enforcement to investigate you for activities that comply with these principles.