United Airlines awards hackers millions of miles for reporting bugs

United Airlines  has awarded “millions of frequent flier miles” to
hackers who have found out gaps in the carrier’s web security, in a first for
the U.S. airline industry, according to a report published on Reuters.
However, some tweets from those hackers have said that they
have got small awards than the company had announced.  
“Well that answers that question. Found out which of my two
bugs was worth a million because the other is apparently worth 250k,” one of
the tweets posted by Jordan Wiens @psifertex.
It is also said that some terms of the agreement does not
allow Wiens from disclosing the bug he had discovered.
On the other hand, the company concerned confirmed with
Reuters that it has paid out two awards worth 1 million miles each, worth
dozens of free domestic flights on the airline.
 “We believe that this program will further bolster our
security and allow us to continue to provide excellent service,” the
United said on its website.
“It has hoped to trailblaze in the area of airline web
security by offering “bug bounties” for uncovering cyber risks.
Through the program, researchers flag problems before malicious hackers can
exploit them. The cost can be less than hiring outside consultancies,” the news
report read.
The Trade group Airlines for America said in a statement that all the United State
carriers should conduct tests to make sure, if their systems are secure.
Beyond the Bug bounty program, the company also has tested systems
internally and engaged cyber security firms to keep its websites secure.

Leave a Reply