Responsible Disclosure Program

Players

If you would like to report an incident about lost chips, game currency, virtual goods, account access problems or any other in-game issues, please contact Zynga Customer Support.

Scope

If you need support with any other in-game issues, please contact Zynga Customer Support.

Zynga is dedicated to providing a safe and fair gaming environment for our players. If you are a security researcher or an active player, and believe you’ve found a security vulnerability or game logic bug that could adversely affect Zynga or our players, or give an unfair advantage when abused, please let us know by contacting us through our Responsible Disclosure Program (RDP).

Rules for Zynga’s Responsible Disclosure Program

Zynga welcomes your submission of security vulnerability reports, provided you follow these guidelines when conducting your security assessment and research against our gaming applications and services.

You may set up secondary test accounts under your sole control for authorization testing. However:

  • You must not attempt to perform malicious data destruction attacks against Zynga’s or Zynga Customer’s data
  • You must not violate a person’s privacy in conducting your research
  • You must not perform any network volumetrics attacks that adversely affect the reliability of Zynga’s services, including but not limited to, DoS and DDoS

Submissions

Security vulnerability reports for Zynga and/or its affiliates may be submitted via the submission form below, or our vendor’s crowdsourced submission platform to be considered for our paid bounty or points awards. Alternatively, if you prefer, you may contact our security organization by emailing Zynga Product Security to provide vulnerability information directly.