What is a Bug Bounty?

What is a Bug Bounty?

December 18, 2017         Written By Lynn Oldshue

Uber recently revealed they paid a hacker $100,000 to delete the personal information of 57 million users and 600,000 drivers that had been accessed in an October 2016 breach. Media reports indicate the hacker was a 20-year-old from Florida who lives with his mother.

Uber seems to have used its bug bounty program to pay the ransom, according to a Reuters report. The $100,000 check was allegedly issued through this program and was paid after the hacker proved he had deleted the information.

A bug bounty program is a controversial practice that some companies, such as Mozilla, Facebook and Google, use to uncover possible security vulnerabilities. Basically, companies pay independent researchers a fee for uncovering potential vulnerabilities within its systems. Mozilla pays a $3,000 flat rate to ethical security researchers who find bugs, while Facebook has paid as much as $20,000, according to TechTarget.

Uber has hired HackerOne for its official bug bounty program, but the young man who allegedly breached their systems is not a part of this program. It is unclear who authorized the payment, but the sources close to the story told Reuters that then-CEO Travis Kalanick was aware of the breach and the payment was made as early as November of last year.

Bug bounty programs put companies into an ethical gray zone. While many security research companies, such as HackerOne, have specific guidelines to help protect both the researchers and any potential victims, these programs leave the door open to pay outside parties for stealing information. Also, customers are not aware that a third-party accessed their information, which raises questions about privacy.

The information contained within this article was accurate as of December 18, 2017. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About Lynn Oldshue

Lynn Oldshue has written personal finance stories for LowCards.com for twelve years. She majored in public relations at Mississippi State University.
View all posts by Lynn Oldshue
Featured Low Interest Card
Top Features : 1.25X miles on every purchase; no annual fee; bonus of 20,000 miles once $1,000 is spent in first 3 months
Featured No Annual Fee Card
Top Features : Earn cash back twice. 1% when you buy plus 1% as you pay; 0% APR for 18 months on balance transfers
Featured Bad Credit Card
Top Features : No Annual Fee; Cash Back match at the end of your first year; Social Security Alerts
Featured Fair Credit Card
Top Features : No annual fee; access to higher credit line after making first 5 monthly payments on time
Featured Limited/No Credit
Top Features : No annual fee; reports to major credit bureaus; access to higher credit line after making first 5 monthly payments on time
Featured Cash Back Card
Top Features : No Annual Fee, Bonus Offer, Cash Back