Address
Customer Support Line
700
Enterprise Support Line
755
Customer Prepay Email
Post-pay Email
Enterprise Email
Chat with us on Telegram:
https://t.me/Safaricom_Ethiopia_PLC
Or Scan the below QR Code
Report Anonymously by:
Safaricom Telecommunications Ethiopia PLC is committed to ensuring the security of its products and protecting customer information. This Responsible Disclosure Agreement sets forth the terms and conditions for reporting security vulnerabilities to Safaricom Ethiopia. By submitting a vulnerability report, you agree to be bound by the terms of this Agreement.
Company acknowledges and appreciates the efforts of security researchers in reporting vulnerabilities responsibly. We welcome and encourage responsible disclosure reports. The company does not offer rewards for reported vulnerabilities at this moment.We will start a bug bounty program in the near future.
Security researchers are required to adhere to the following guidelines when reporting vulnerabilities. Under this Agreement, "research" means activities in which you:
Once you've established that a vulnerability exists or encounter any sensitive data (including personally identifiable information, financial information, or proprietary information or trade secrets of any party), you must stop your test, notify us immediately, and not disclose this data to anyone else.
The following test methods are not authorized:
This policy applies to the following systems and services:
Vulnerabilities found in systems owned and managed by our vendors, fall outside of this policy scope and should be reported directly to the vendor according to their disclosure policy (if any).
The company commits to acknowledging receipt of vulnerability reports within 72 business hours. Our team will diligently investigate and promptly address reported issues. The resolution timeframe may vary based on the complexity and severity of the identified vulnerability
By submitting a vulnerability report, both parties agree to maintain confidentiality regarding the reported issue and any related communication. The details of the vulnerability and the disclosure process should not be disclosed to third parties without the express consent of the Company.
Submitting a vulnerability report does not guarantee a reward or immunity from legal action if the researcher violates any terms of this Agreement. The company reserves the right to take appropriate legal action in response to any unauthorized or malicious activity.