T-Mobile

Welcome to The Uncarrier. Are You With Us?

  • Points – $10,000 per vulnerability
  • Safe harbor
Submit report

Program stats

  • Vulnerabilities rewarded 282
  • Validation within 5 days 75% of submissions are accepted or rejected within 5 days
  • Average payout $6,090.56 within the last 3 months

Latest hall of famers

View all 86

Recently joined this program

246 total

T-Mobile is committed to protecting our customers, our employees, our partners, and our brand. As part of this commitment, T-Mobile USA, Inc. (“T-Mobile”) looks forward to working with the security community to keep our customers and business safe.

If you have identified a security vulnerability in a T-Mobile property, application, or system, we encourage you to report it. We’ll evaluate the reported vulnerability and promptly take appropriate action.

The scope of this program is limited to T-Mobile. Please note that we do not own (and therefore cannot remediate findings on) non-T-Mobile assets, including those associated with Deutsche Telekom.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.