by eganist 2958 days ago
Sounds like a fix.

By the terms of the VRP it sounds like the reporter is owed a payout.

2 comments

Bounty deserved, yes. Fixed? No, they only blocked his address; anyone else can still grab your info on their sites.
Looks like it's blocked for everyone now
It's blocked for people who aren't on the whitelist.
That is interesting, do you have more info? I'd imagine the whitelist being quite enormous!
I don't have any information besides what I've seen posted in the comments here. For example, this: https://twitter.com/sirdarckcat/status/994867632355577862
Exactly. If it was about "just whitelisted partners" he discovered it was actually "everybody." It's not different than discovering that instead of the password just an empty string is enough.