Comment by atm3ga

6 days ago

If this was disclosed via a vulnerability disclosure or bug bounty program and there are no indicators of a data breach then it's effectively like the findings from a pen-test so very likely no regulatory reporting requirements.

0 comments