Security News > 2022 > March > HackerOne apologizes to Ukrainian hackers for mistakenly blocking payouts
Today, Chris Evans, the CISO of bug bounty platform HackerOne, apologized to Ukrainian hackers after erroneously blocking their bug bounty payouts following sanctions imposed on Russia and Belarus after Ukraine's invasion.
"Due to current economic sanctions and export controls, if you are based in Ukraine, Russia, or Belarus all communications and transactions have been paused for the time being," an email received by Ukrainian hackers from HackerOne read. The decision to freeze accounts for Ukrainians on the bug bounty platforms was also shared by HackerOne CEO Mårten Mickos via a now-deleted tweet saying that the company would re-route all rewards to UNICEF for all hackers from sanctioned areas.
Following the unanimous outcry against the decision to freeze Ukrainian accounts, HackerOne backpedaled and restored the hackers' accounts, allowing them to withdraw their earnings again.
Today, HackerOne's CISO Chris Evans apologized for HackerOne's misguided decision pinning it on poor communication and the blocked payouts on backend issues.
"On behalf of the HackerOne team, I'd like to apologize to the Ukrainian hacker community for the frustration and confusion that our poor communication has caused. We have not block lawful payments to Ukraine," Evans said.
"Thank you to the hacker community for bringing these issues to light. We will fix our incorrect documentation, and I am reaching out to hackers individually. We always aim to be as transparent as possible, and will release a FAQ within 24 hours."