Reporting a Security Incident

This content is controlled for compliance requirements. Please contact the owner (Joe Hoyle) if you need to make changes.

It is important that all members of the Human Made team are aware of our Incident Response Procedure, including your own responsibilities within that procedure. This procedure also applies to people outside the organisation such as suppliers and clients and website visitors who wish to report a security incident. 

A security incident is:

single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations and threatening information security

Reporting information security events

Information security events or system weaknesses that could lead to an incident should be reported to security@humanmade.com. If you wish to disclose an issue anonymously you should create a new email account (e.g. a throwaway/alias account) and email or security@humanmade.com. You can follow this guide to learn how to send email anonymously.

Examples of information security events are:

  • Phishing emails or telephone calls
  • Access violations
  • Breaches of Human Made’s confidentiality policy
  • Security vulnerabilities on Human Made’s website or our plugins
  • Security vulnerabilities on client websites 
  • Uncontrolled system changes
  • Staff misconduct relating to information security
  • Loss of laptop or mobile phone
  • Security weaknesses or data breaches at suppliers, partners or clients

security@humanmade.com can be accessed by:

  • Members of the executive team
  • Ryan McCue
  • Petya Raykovska

Security incidents will be logged in the Incident Response Log

Incidents are handled per our company incident process.


This page is reviewed every 1 year. It was last reviewed on November 21, 2024 and will expire on November 6, 2025.