We've reported an information disclosure vulnerability at a reseller portal for a ict reseller company. The issue allowed registered users to retrieve information of other users including employee information, email adresses and mobile numbers.

This issue was already a known issue by the customer and they didn't appreciate our report and accused the security expert of hacking their system.