First United Airlines Bug Bounty Payout Is One Million Miles

The bug bounty program at United Airlines started just two months ago, and an independent researcher has already found a bug serious enough that the airline paid out 1 million miles for the first bug turned in. That’s worth about $25,000 in cash, or he could, well, travel with them.

The researcher who found the bug has his own security firm in Florida, and told Kapersky Labs’ Threat Post as much as he’s allowed to about his find. He can’t actually tell anyone much about the nature of the bug that he found or where he found it, but he is able to say that it would have allowed an evil-doer to execute code remotely on one of United’s systems.

It must have been a serious bug if it was worth that many miles, though. As soon as they verified the researcher’s citizenship and that he was in the U.S. when he discovered the flaw, they made two deposits in his frequent flyer account: one with one point, and one with a million.

United Airlines Hands Out Million-Mile Bug Bounty [Kapersky Labs] (via Wired)

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.