When a hacker reports a vulnerability that has already been reported, it's considered a duplicate report. Marking a report as a duplicate you can choose between these 2 options:
Add the second hacker as an external participant on the original report.
Don't add the hacker as an external participant on the original report.
Adding a Hacker to the Original Report
To add the hacker to the original report:
Go to the bottom of the report above the comment box.
Change the action picker to Close report > Duplicate.
Enter the original report number in the Search report field and select the report from the selection list.
A checkbox stating Add hacker name to the original report will show under the Search report field.
Select the checkbox to add the hacker to the report.
It's up to your program to determine if you are comfortable with sharing the original report with the hacker who submitted the duplicate report. It's recommended to tie the second report to the original report to provide accountability and to account for Reputation gain or loss for the hacker.