Sandeep Shetty writes:
Update (added on 3 Dec 2013): Based on my feedback Myntra.com has now setup [email protected] for reporting security issues. Kudos to them for taking the first step towards a better responsible disclosure process and setting an example for other Indian companies.
Last week a bug on Myntra.com let anyone with an account take over random customer accounts and highlighted the lack of responsible disclosure processes among Indian companies.
Read more on Sandeep Shetty’s Blog.
h/t, @VERISDB