If you think you’ve found a security problem with one of our online services you should:

  • report it, as soon as possible, to our ICT Security Team by email:
  • avoid doing anything to exploit the vulnerability

Reporting a security problem

We take the security of our online systems very seriously and will investigate all reported vulnerabilities, taking action where necessary.

When you report a security issue to us, you should provide enough information to help us understand:

  • the type of problem
  • where you found the bug (web address, IP address or domain name)
  • potential impact of the issue
  • how an attacker could exploit the vulnerability

You'll receive an automatic reply indicating that your message has been received.