Security | Incident Reporting
Report a Security Incident
If you've discovered a suspected security issue involving Thoro systems, services, or data, report it to our security team.
01 - How to Report
Send an email to our security team
Email security@thoro.ai with a description of the suspected security incident. Include as much detail as you have available - partial information is still useful and you can follow up as more becomes available.
Email Subject Line
[Security Incident] <brief description>
Example
Example: [Security Incident] Possible GitHub token exposed in CI logs
02 - What to Include
Email Body
Reporter:
Date/time discovered:
System/service/vendor/customer involved:
Environment:
Description:
Is this ongoing?:
Possible customer data involved?:
Possible personal data involved?:
Possible credentials/secrets involved?
Evidence links:
Actions already taken:
Who else knows?:
Urgency or suspected severity:
Reporting Guidance
Include as much of the following as available in the body of your email.
Reporter name and contact information
Date/time discovered.
System, service, environment, repository, vendor, customer, or device involved.
What happened or what appears suspicious.
Whether customer data, personal data, credentials, production systems, or regulated data may be involved.
Screenshots, logs, alerts, URLs, ticket links, commit SHAs, IP addresses, hostnames, usernames, or other evidence.
Actions already taken.
Whether the issue is ongoing.
Whether anyone else has been notified.
Do not include plaintext passwords, private keys, tokens, recovery codes, or sensitive secrets in the email.
