HackerOne says an employee stole vulnerability reports submitted through its bug bounty platform and disclosed them to seven companies for financial rewards (Ionut Ilascu/BleepingComputer)