BombBomb Security Practices


Security is an essential part of our business and is embedded in everything we do. Keeping your data safe is a top priority. Security and Compliance is achieved through a variety of processes and practices that we employ:

Compliance Certifications


Compliance Certification

For more information please contact us at compliance@bombbomb.com.

Privacy Certification

For more information please contact us at privacy@bombbomb.com.

Reporting Suspected Vulnerabilities and Fraudulent Activity


If you are a security researcher and have identified a potential vulnerability, we would appreciate your help in disclosing it to us in a private manner so that we can keep our application and customers safe. When developing and testing the vulnerability, please do not:

If you follow these rules, we won’t suspend or terminate your service access to BombBomb for discovering and reporting any vulnerabilities.

  1. If you would like to report a vulnerability, or if you have a related security concern with your account, please email securityteam@bombbomb.com. or call our support team at 866-209-4602
  2. If you suspect that another BombBomb account is being used for suspicious, fraudulent, spam or other related illegal activity, you can report it to the Abuse Team at abuse@bombbomb.com

So that we may more effectively respond to your report, please provide any supporting material (steps to reproduce, proof-of-concept code, videos/screenshots, etc.) that would be useful in helping us understand the nature and severity of the vulnerability. The information you disclose to BombBomb will be maintained as confidential. The BombBomb Security and Abuse teams will review the submitted report and assign it to an analyst for review. Our Security team will be in contact once the vulnerability has been classified, and BombBomb will address any critical vulnerabilities in a timely manner.