Screenshot from: www.ea.com/security/hall-of-fame Shows the Hall of Fame page for responsible vulnerability disclosure to EA. Transcript of entries shown: + Ramin Tépfer Social links: https;//wwwlinkedin.com/in/ramintopfer/ Q1 (January - March) - JayeLTee Social links: https;/infosec.exchange/@JayeLTee + Preetham Kumar Social links: https;//wwwlinkedin.com/in/preetham--kumar/

Notices where this attachment appears

1. Embed this notice
   JayeLTee (jayeltee@infosec.exchange)'s status on Saturday, 12-Jul-2025 17:37:22 JST JayeLTee

   I received an email earlier this week from EA asking if I wanted to be added to a public acknowledgement page they were creating for individuals who responsibly disclosed vulnerabilities to them.

   For all the shit people give EA, of the 100+ companies I contacted in the last two years, they were the only company I would say had a decent incident response.

   They fixed the issue within 12 hours after validating it as critical, and proactively provided me multiple updates over time.

   When the IR was done on their side, they reached out again with some more information about the potential impact if the issue hadn't been solved quickly, and also offered me a reward.

   I did not have to keep chasing anyone for updates, I wasn't asked for non-disclosure, or offered money in exchange for it, and people replied instead of ignoring me.

   I wasn't blamed for their mistake, either, or reported to the authorities.

   Unfortunately, at least one or multiple of the things mentioned above are present in most of my other incidents reported; it's a real shit show out there.

   #cybersecurity #infosec #responsibledisclosure #vulnerability #ea #electronicarts