Looking for a security contact at quicken.com

I found a security vulnerability on quicken.com that I’m trying to responsibly disclose (CVSS 5.3). I sent an email to [email protected] on December 19, but I haven’t heard back from anyone yet. Does anyone have an idea on how to contact them?

1 Like

I was just browsing through their support forum, they seem to monitor it well, for example:

Terms page mentions Secu* around 18 times, but info.

Apparently they want postcards sent to: * Developer Contact Info: Direct any questions, complaints or claims to: Quicken Inc., 3760 Haven Ave, Menlo Park, CA 94025 or visit https://www.quicken.com/ to access Support.

But in all seriousness, the forum there seem monitored, I would even hijack the Morgan Stanley Security Enhancement thread, or create a new one:


I would reply to one of those threads, or post a new one.

Quicken is absolutely huge so this is a doozy, @caseyjohnellis you know anyone?

Sorry I didn’t see this earlier!

I was able to get in touch with them via DMing @Quicken_Care on Twitter.