diff --git a/.well-known/security.txt b/.well-known/security.txt
index 364ace373..2a9187344 100644
--- a/.well-known/security.txt
+++ b/.well-known/security.txt
@@ -1,7 +1,6 @@
 # Vulnerability reporting:
-Contact: gsa-vulnerability@gsa.gov
+Contact: gsa-vulnerability-reports@gsa.gov
 Contact: https://hackerone.com/gsa_bbp
-Contact: cloud-gov-compliance@gsa.ogv
 
 # Incident response:
 Contact: cloud-gov-security@gsa.gov
@@ -9,8 +8,4 @@ Contact: cloud-gov-security@gsa.gov
 # Our security policy
 Policy: https://www.gsa.gov/vulnerability-disclosure-policy
 
-# Note: GSA does _offer_ bounties -- the 
-# "ineligible" notice at https://hackerone.com/gsa_vdp?type=team
-# are incorrect / outdated (2023-11-02)
-
 Expires: 2029-12-31T23:59:59